|
|
|
|
|
|
by huflungdung
241 days ago
|
|
|
This was a devops exploit because they used the same env for building the app as they did for the test code. Many miss this entirely and think it is because a binary was shipped. Ideally a test env and a build env should be entirely isolated should the test code some how modify the source. Which in this case it did. |
|
|