How to fix the whole catagory of shell injection
How to fix the whole catagory of shell injection
Posted Dec 6, 2024 21:14 UTC (Fri) by jwarnica (subscriber, #27492)In reply to: How to fix the whole catagory of shell injection by wahern
Parent article: Abusing Git branch names to compromise a PyPI package
The SQL world mostly figured this out decades ago (if not always used) with parameters, basically making injection attacks impossible.