laymansterms | 1 year ago

Yeah, one CVE is literally "You can use the macOS variant of LD_PRELOAD on the client to hook libc calls! Oh no!!" This is a bogus CVE; any application can perform arbitrary actions when its system calls are hooked, but it requires such a strong threat model that the adversary realistically gains no ground by doing so.

("A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the environment")

saagarjha|1 year ago

You will note that the PR strengthens that model regardless.

nepthar|1 year ago

Yeah, it's strange to me that's a CVE. That seems like "working as intended": if I, the owner of the machine, want to load other libraries, why shouldn't it respect that?