Writing "/etc/hosts" breaks the Substack editor


An exploration of web security mechanisms and their unexpected consequences

Every time I typed the path to the hosts file (/etc/h*sts, intentionally obfuscated to avoid triggering the very issue I'm discussing), my Substack editor would display a "Network Error" and fail to autosave my draft. A pattern emerged: paths to common Linux system configuration files were triggering errors, while slight variations sailed through. If the web application doesn't properly sanitize this input before using it in a system command, it could execute the attacker's code and reveal sensitive information.
