|
|
|
|
|
|
by bandrami
4067 days ago
|
|
|
why allow file(1) to open sockets, write to arbitrary files, and run external programs Well, there's not code in file(1) to do that, but there's code that reads data in and makes decisions based on that data. Which means, if your attacker is more careful than the programmer was, you have possibly given that attacker a Turing machine. |
|
|