@postmodern_mod3 is there any reason you aren't using SafeYAML with bundler-audit?
-
-
Replying to @postmodern_mod3
@postmodern_mod3 you "control" the YAML until there's another@homakov-style Github compromise ;)2 replies 0 retweets 0 likes -
Replying to @bascule
@bascule@postmodern_mod3@homakov I don’t usually own repos, but when I do I put a noisy exploit in a YAML instead of backdooring the code3 replies 1 retweet 1 like -
Replying to @rantyben
@rantyben@bascule@homakov here's the list of classes available to bundler-audit that define #[]= http://pastebin.com/xRLzuYTw Can you get eval?1 reply 0 retweets 0 likes -
Replying to @postmodern_mod3
@postmodern_mod3@rantyben@homakov can you decrypt http://kryptochef.net/indexh2e.htm ciphertexts? Nope? Must be secure then, right?1 reply 0 retweets 0 likes
Replying to @postmodern_mod3
@postmodern_mod3 @rantyben @homakov see DM
6:40 PM - 4 Dec 2013
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.