Y
Hacker News
new
|
ask
|
show
|
jobs
by
sedatk
331 days ago
> But if an attacker can run commands as you with arbitrary environment variables, aren't you already pwned?
Not unless they have another path for privilege escalation.