Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
dragonwriter
on Dec 14, 2018
|
parent
|
context
|
favorite
| on:
Remote code execution vulnerability in SQLite
Doesn't Chromium (like lots of other software) embed SQLite? So using Chromium would be (a potentially easily overlooked way) of using SQLite?
ronsor
on Dec 14, 2018
|
next
[–]
Yes it does, and it makes sense to mention it because Chrome and Chromium are very popular and widespread, but many may not know it uses SQLite.
ru999gol
on Dec 15, 2018
|
parent
|
next
[–]
Its a fairly special case where any website can execute arbitrary SQL due to WebDB. It should be mentioned that this is deprecated:
https://hacks.mozilla.org/2010/06/beyond-html5-database-apis...
zaphar
on Dec 15, 2018
|
root
|
parent
|
next
[–]
Yeah and that deprecated feature will probably still be around failing to totally die a decade from now.
cjensen
on Dec 15, 2018
|
prev
[–]
That would be "Chromium
and
SQLite", which is a combination that makes sense. "Or" doesn't make sense.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
