
Local access is a bit of a misnomer though; a vulnerable website can be tricked into running a script.


True but that requires another vulnerability.

It's security in depth. You build your server in a way that it doesn't allow remote code execution, and then you run it with an unprivileged user so that if it does allow it, the consequences are limited. And if running arbitrary code is a feature (you are GitHub or whatever) you use VMs.



