Hacker News
by
feinte
281 days ago
A plugin can spawn arbitrary processes so if neovim is not started in a sandbox (container, namespace, firejail...) they can basically do whatever your user has the right to do.
Pretty big supply chain risks here.
1 comments
WhyNotHugo
281 days ago
And oftentimes sandboxing it is hard.
E.g.: what do you use to edit ~/.ssh/config or ~/.profile?