Hacker News
by
caust1c
338 days ago
Yes, unfortunately it's pretty trivial. Any time arbitrary file write is possible, RCE is usually possible too.
1 comments
lostmsu
337 days ago
Could this be mitigated by moving .git out of the work tree directory and using an unprivileged process that only has access to the work tree directory to do all the file manipulation?