Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
salawat
on July 7, 2023
|
parent
|
context
|
favorite
| on:
List of Unix binaries that can be used to bypass l...
....except it isn't if you set up the git user with authorized_keys (user public key), and set the login shell for the system git user to nologin.
Congratulations. Git without bash. Unless there's another escape I'm not aware of.
feldrim
on July 7, 2023
[–]
And that is the whole idea of having a list like this. These tools by default have some capabilities which can easily be executable. You need to mitigate each of those. Because they are insecure by default.
Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Congratulations. Git without bash. Unless there's another escape I'm not aware of.