I wouldn't categorise security as an "arbitrary concern". | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		DavidBuchanan on Dec 4, 2017 \| parent \| context \| favorite \| on: Using LD_PRELOAD to cheat, inject features and inv... I wouldn't categorise security as an "arbitrary concern".

AnIdiotOnTheNet on Dec 4, 2017 [–]

In order to exploit this you need to be able to write to the directory where the binary is.

"Security" is trotted out as an arbitrary concern quite often because a lot of security people don't have any concept of risk analysis or cost/benefit. If it was up to them no one would ever do anything because that way they can't make a mistake.

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact