Here is the workflow I am using to generate simple text documents (resume, cover letters, etc.) from Markdown, YAML and Jinja2 templates.
Trying to bring back some old IP spoofing Firefox extension for watching South Park episodes.
In the previous episode, I talked about some argument and shell command injections vulnerabilities through URIs passed to browsers. Here I am evaluating some other CVEs which were registered at the same time (not by me).
I found an argument injection vulnerability
related to the handling of the BROWSER
environment variable
in sensible-browser
.
This lead me (and others) to a a few other argument and shell command injection
vulnerabilities in BROWSER
processing and browser invocation in general.
In Tail Recursion In Python, Chris Penner implements (self) tail-call optimization (TCO) in Python using a function decorator. Here I am extending the approach for sibling calls.