惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
V
Visual Studio Blog
小众软件
小众软件
博客园 - 【当耐特】
Last Week in AI
Last Week in AI
Jina AI
Jina AI
云风的 BLOG
云风的 BLOG
腾讯CDC
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Y
Y Combinator Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Engineering at Meta
Engineering at Meta
量子位
美团技术团队
I
InfoQ
Martin Fowler
Martin Fowler
MyScale Blog
MyScale Blog
博客园 - 聂微东
阮一峰的网络日志
阮一峰的网络日志
Blog — PlanetScale
Blog — PlanetScale

LWN.net comments

important thing With hindsight, it was a code smell anyway [LWN.net] Intel bug workaround Browser A hurdle for the attacker? [LWN.net] Browser [LWN.net] schism status [LWN.net] PQC signing for distros relying on OpenPGP? [LWN.net] Browser [LWN.net] Browser [LWN.net] Browser [LWN.net] Better off keeping it vague [LWN.net] Browser [LWN.net] Complete opposite [LWN.net] A hurdle for the attacker? [LWN.net] Better off keeping it vague [LWN.net] Better off keeping it vague [LWN.net] Under 10 [LWN.net] With hindsight, it was a code smell anyway [LWN.net] With hindsight, it was a code smell anyway [LWN.net] A hurdle for the attacker? [LWN.net] A hurdle for the attacker? [LWN.net] A careful programmer... [LWN.net] PQC signing for distros relying on OpenPGP? [LWN.net] PQC signing for distros relying on OpenPGP? [LWN.net] PQC signing for distros relying on OpenPGP? [LWN.net] PQC signing for distros relying on OpenPGP? [LWN.net] Better off keeping it vague [LWN.net] It's a shame [LWN.net] Is your age restriction really necessary? [LWN.net] PQC signing for distros relying on OpenPGP? [LWN.net] Our editor-in-chief's inimitable dry humor [LWN.net] PQC signing for distros relying on OpenPGP? [LWN.net] schism status [LWN.net] Does using per-CPU variables in preemptable code make sense? [LWN.net] One option for dirty frag via selinux, dependent on user cases where ipsec is needed [LWN.net] Better off keeping it vague [LWN.net] Cost of LLMs in the cloud [LWN.net] Cost of LLMs in the cloud [LWN.net] everyone wins here [LWN.net] Thoughts from a younger generation.. [LWN.net] a bit of fishes vs bicycles comparison [LWN.net] Better off keeping it vague [LWN.net] Better off keeping it vague [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Better off keeping it vague [LWN.net] Better off keeping it vague [LWN.net] Better off keeping it vague [LWN.net] Some performance numbers? [LWN.net] workaround is okay [LWN.net] Better off keeping it vague [LWN.net] Thoughts from a younger generation.. [LWN.net] OpenWrt One still available for sale! [LWN.net] Does using per-CPU variables in preemptable code make sense? [LWN.net] Excellent communication [LWN.net] It's a shame [LWN.net] Fade out [LWN.net] Fade out [LWN.net] Which cards? [LWN.net] Which cards? [LWN.net] Better off keeping it vague [LWN.net] Hype isn't going anywhere at this rate [LWN.net] Per-CPU PGDs... [LWN.net] It's a shame [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] __set_flex_counter() and __flex_counter() [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] If you only want to work, why live? [LWN.net] Thoughts from a younger generation.. [LWN.net] If you only want to work, why live? [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] RISKS Archive [LWN.net] RISKS Archive [LWN.net] Origin of the quote. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] RISKS Archive [LWN.net] "Reproducible" sounds like a yes/no question but it's not [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net] Thoughts from a younger generation.. [LWN.net]
A hurdle for the attacker? [LWN.net]
hvd · 2026-05-23 · via LWN.net comments

A hurdle for the attacker?

Posted May 22, 2026 20:16 UTC (Fri) by hvd (guest, #128680)
In reply to: A hurdle for the attacker? by mcatanzaro
Parent article: Vulnerabilities in various GTK-based PDF readers

Even with the first version, in a technical sense it may have needed to be an absolute path, in a practical sense it did not: if a malicious file exploit.pdf knows it will likely reside at /home/user/Downloads/exploit.pdf and likely be opened by an application with /home/user as the current work directory, it can force an access to /proc/self/cwd/Downloads/exploit.pdf and not need to know the user's name.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。