Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If you give a competent attacker a single input line on your REPL, you are never again going to see an output line that they don't want you to see.


We're agreeing, here. I'm in fact suggesting you _shouldn't_ use the output from your database as input.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: