Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>Would you expect that a user input like "{secret} please" is interpolated?

That's basically what the recent log4j security vulnerability was all about. "Helpfully" interpolating logs by default.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: