Why Code Security Matters - Even in Hardened Environments | Sonar
06-Nov-2024 146
Infrastructure hardening makes applications more resilient to attacks. These measures raise the bar for attackers, making exploitation more difficult. However, they should not be seen as a silver bullet, as determined attackers can still leverage vulnerabilities in the source code.
In this blog post, we will highlight the importance of fundamental code security by showcasing a technique that attackers can use to turn a file write vulnerability in a Node.js application into remote code execution – even though the target’s file system is mounted read-only. The technique thwarts the restrictions applied in a hardened environment like this by leveraging exposed pipe file descriptors to gain code execution.
Why Code Security Matters - Even in Hardened Environments | Sonar #js #javascript #Security #Matters #Hardened #Environments #Sonar #code #environments #security https://javascript.ba/link/why-code-security-matters-even-in-hardened-environments-sonar