[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: lua bytecode and sandbox evasion ?
- From: "Soni L." <fakedme@...>
- Date: Tue, 13 Sep 2016 21:18:48 -0300
On 13/09/16 09:04 PM, Peter Cawley wrote:
Yes, it is known, and credible. Defence is to not load untrusted
bytecode, or to build your sandboxes at the OS level rather than the
another link you might be interested in.
On Wednesday, 14 September 2016, tst2005 <firstname.lastname@example.org
I would like to know if the bug/vulnerability is already known ?
Is there a CVE number ?
I'm still trying to reproduce, but it seems credible.
Sign/encrypt your bytecode.
Disclaimer: these emails may be made public at any given time, with or without reason. If you don't agree with this, DO NOT REPLY.