Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
xfer
on May 28, 2019
|
parent
|
context
|
favorite
| on:
Docker is vulnerable to a symlink-race attack
You only have to audit the binary produced, not gcc.
merb
on May 28, 2019
[–]
and how do you do that? - btw. without reading bit per bit you still have a problem since you can't audit a binary with a full trust chain, i.e. the auditing tool needs to be audited aswell, etc...
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
