[GoLUG] Writing an internet server
Kevin Chadwick
kc-golug at chadwicks.me.uk
Thu Aug 21 07:01:09 EDT 2025
On 20/08/2025 22:54, Ron wrote:
> A JS vulnerability / malware can't generally do that, that level of hack
> is gonna be highly valuable and targeted.
Though every browser security event has shown that the sandbox can be bypassed
at least with a js engine memory bug that turns up often. Sometimes they say
bypassing the sandbox was easy and sometimes they say it was the hardest part.
Agreed on Python dependencies and js dependencies being a security issue that is
hard to deal with especially with so much churn (primagen labelled it js fatigue
recently).
P.s. Steve Litt. I assume you know about stunnel, if you want TLS off the bat
(enable TLS 1.3 only IMO).
More information about the GoLUG
mailing list