Comment by ethbr1 2 years ago Do some companies intend for their platform to feature remote code execution? 4 comments ethbr1 Reply coldtea 2 years ago Some might very well do. E.g. a company with a service for training hackers and security researchers.In this case the question is moot, as this doesn't involve remote code execution. ethbr1 2 years ago Make a general point, get a general answer.If the criteria for bug is "not intended", and that's solely judged by the company, then broken auth et al. suddenly become part of their product design.If it quacks like a bug, it's a bug. jen20 2 years ago Remote code execution is literally a feature of GitHub… ethbr1 2 years ago Sandboxed code execution is a bit different than RCE.
coldtea 2 years ago Some might very well do. E.g. a company with a service for training hackers and security researchers.In this case the question is moot, as this doesn't involve remote code execution. ethbr1 2 years ago Make a general point, get a general answer.If the criteria for bug is "not intended", and that's solely judged by the company, then broken auth et al. suddenly become part of their product design.If it quacks like a bug, it's a bug.
ethbr1 2 years ago Make a general point, get a general answer.If the criteria for bug is "not intended", and that's solely judged by the company, then broken auth et al. suddenly become part of their product design.If it quacks like a bug, it's a bug.
jen20 2 years ago Remote code execution is literally a feature of GitHub… ethbr1 2 years ago Sandboxed code execution is a bit different than RCE.
Some might very well do. E.g. a company with a service for training hackers and security researchers.
In this case the question is moot, as this doesn't involve remote code execution.
Make a general point, get a general answer.
If the criteria for bug is "not intended", and that's solely judged by the company, then broken auth et al. suddenly become part of their product design.
If it quacks like a bug, it's a bug.
Remote code execution is literally a feature of GitHub…
Sandboxed code execution is a bit different than RCE.