by jeff-davis 2055 days ago
The nanoprocess concept seems like a big deal.

I remember reading about a vulnerability in the unix utility "strings". The code is incredibly simple at first glance, but it had a dependency to detect the filetype, and that dependency was not safe on untrusted input.

At that moment I realized that unix security was fundamentally flawed. A utility that does nothing but read its input and write the output shouldn't have permission to do anything else.