Yea, I was wondering about that; but the risk feels similar to a browser RCE to ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tekromancr on March 3, 2022 \| parent \| context \| favorite \| on: Show HN: DontBeEvil.rip: Search, for developers (A... Yea, I was wondering about that; but the risk feels similar to a browser RCE to me. Maybe it's higher because browsers are more widely used/analyzed; but then again, a browser RCE has a much wider range of targets with more opportunities to exploit

dundarious on March 3, 2022 [–]

Even just having the potential for the terminal to interpret escape codes is frustrating. Always pipe remote output to `less` or `less -R` (not `less -r`).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact