💾 Archived View for rawtext.club › ~sloum › geminilist › 006376.gmi captured on 2024-03-21 at 16:27:18. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-11-30)
-=-=-=-=-=-=-
Ben Goldberg ben at benaaron.dev
Fri Apr 16 12:11:14 BST 2021
- - - - - - - - - - - - - - - - - - -
Know security issues
#
<https://sr.ht/~zethra/stargazer/#root-escape---pre-040>Root
escape - pre 0.4.0
Stargazer would serve files from anywhere on the file system if a path
starting with // was requested.
Yes, that is fixed in the current version! (maybe I should make that more clear in the readme) An embarrassing bug, but better to be honest about it.
stargazer is written in Rust and doesn't have any runtime dependencies(including OpenSSL). If you're on Linux, you can grab a binary from here[1] or compile it yourself. The provided binary is compiled against musl so it *should* work regardless of distro. It should also work on other OSs but I haven't done much testing. If you run into any issues please send an email to the stargazer mailing list[2].
[1]: https://git.sr.ht/~zethra/stargazer/refs/download/0.4.0/stargazer-0.4.0-x86_64-linux-musl.tar.xz[2]: https://lists.sr.ht/~zethra/stargazer