116·
7 days agoHere are the steps:
- The attacker creates a standard Git repository.
- They commit a single symbolic link pointing to a sensitive target.
- Using the PutContents API, they write data to the symlink. The system follows the link and overwrites the target file outside the repository.
- By overwriting .git/config (specifically the sshCommand), the attacker can force the system to execute arbitrary commands–
amazing.
The wire will cause the entire image to become a little bit darker.
in a telescope light travels in many paths from start to finish. so a single wire will have a very soft shadow, which stretches over the entire image. This works because the wire is well within the focal length. If the wire was exactly at the focal length, it’s shadow would be sharp, but the farther away it is from the focal length, the softer the shadow will become.
edit: when the object is exactly at the center of the image, then I think it will still cast a sharp shadow, because all the light-paths that go through the center, stay close to the center. Not sure though