Похожие чаты

What if I put weird symbols in pkgbuild that make

your editor go crazy and show you things that aren't in the file?

17 ответов

20 просмотров

If your editor won't show the code only because you use gibberish, change the code editor immediately

Alexander-Gnatyuk Автор вопроса

Tell me the name of editor that has never had, doesn't have and will never have bugs.

Alexander Gnatyuk
Tell me the name of editor that has never had, doe...

Not having bugs hiding parts of the malicious code? Any of them

Alexander-Gnatyuk Автор вопроса
Muflone
Not having bugs hiding parts of the malicious code...

One exploit can be used to create another. Software is complicated and can be manipulated in lots of ways. Not all of which are known.

Alexander Gnatyuk
One exploit can be used to create another. Softwar...

This is mere speculation or trolling To create a malicious code using an inexistent vulnerability in your code editor

Alexander-Gnatyuk Автор вопроса
Muflone
This is mere speculation or trolling To create a ...

You can't prove that something is inexistent. I'm not trolling, I'm being 100% serious.

Alexander-Gnatyuk Автор вопроса
Muflone
This is mere speculation or trolling To create a ...

My statement is "there might be an editor that might have a vulnerability that might be used to cause it to display text in a wrong way". There is no way for you to prove me wrong on this.

Alexander Gnatyuk
You can't prove that something is inexistent. I'm ...

You're simply spreading fud with zero arguments about an inexistent bug still unknown

Alexander-Gnatyuk Автор вопроса
Muflone
You're simply spreading fud with zero arguments ab...

At no point have a I claimed that something like that exists. The only thing I claim is that it might.

Alexander-Gnatyuk Автор вопроса
Muflone
Ok, so this issue is inexistent

You can't claim nonexistence of anything.

I have to disagree here. It is true that most editors' vulnerabilities have to do with malformed input, where they can be crashed (i.e. denial of service), or in some cases achieve code execution. It is also true that technically, you could insert non-printable control characters in a text file, especially if you have a hex editor and an ASCII conversion chart handy. And I do encourage security research like this, especially fuzzing. If anything, developers should not consider any data provided by the user or third-party code trustworthy at all. However, and this is where I disagree.. if you break the text viewer / editor like this, chances are that you'll also break the AUR helper's code that interprets such a malformed file. There is still a syntax to it, and that has to be taken into account. Inserting non-printable control characters would not only be a giant red flag, it would also most likely not work.

Vim
I have to disagree here. It is true that most edit...

It's not something that can always be picked up easily.

Alexander Gnatyuk
My statement is "there might be an editor that mig...

Unicode attacks on source code have gained traction in recent years. For reference: https://en.m.wikipedia.org/wiki/Trojan_Source http://unicode.org/reports/tr55/ https://unicode.org/reports/tr39/

Alexander-Gnatyuk Автор вопроса

Похожие вопросы

Обсуждают сегодня

Господа, а что сейчас вообще с рынком труда на делфи происходит? Какова ситуация?
Rꙮman Yankꙮvsky
29
А вообще, что может смущать в самой Julia - бы сказал, что нет единого стандартного подхода по многим моментам, поэтому многое выглядит как "хаки" и произвол. Короче говоря, с...
Viktor G.
2
@Benzenoid can you tell me the easiest, and safest way to bu.y HEX now?
Živa Žena
20
This is a question from my wife who make a fortune with memes 😂😂 About the Migration and Tokens: 1. How will the old tokens be migrated to the new $LGCYX network? What is th...
🍿 °anton°
2
30500 за редактор? )
Владимир
47
а через ESC-код ?
Alexey Kulakov
29
What is the Dex situation? Agora team started with the Pnetwork for their dex which helped them both with integration. It’s completed but as you can see from the Pnetwork ann...
Ben
1
Гайс, вопрос для разносторонее развитых: читаю стрим с юарта, нада выделять с него фреймы с определенной структурой, если ли чо готовое, или долбаться с ринг буффером? нада у...
Vitaly
9
Anyone knows where there are some instructions or discort about failed bridge transactions ?
Jochem
21
@lozuk how do I get my phex copies of my ehex from a atomic wallet, to move to my rabby?
Justfrontin 👀
11
Карта сайта