Great writeup. Every language should add os.Root-like APIs to their standard libraries, it's great. I used a very stripped down version in SecureDrop after we had a few path traversal issues, and now, if you use the correct API, it's eliminated as an entire class of vulnerability.
legoktm | an hour ago
Great writeup. Every language should add os.Root-like APIs to their standard libraries, it's great. I used a very stripped down version in SecureDrop after we had a few path traversal issues, and now, if you use the correct API, it's eliminated as an entire class of vulnerability.