VIMKiller icon indicating copy to clipboard operation
VIMKiller copied to clipboard

Published 20 hours ago verified publisher icon caseykneale

Security issue

Open Kyuuhachi opened this issue 3 years ago • 0 comments

Currently, the Julia script doesn't perform any authentication at all. There's no protection from faux VIMKiller devices, which means any malignant actor who has at any time had physical access to your computer could remotely kill Vim at any time. While this service would of course be greatly appreciated, it still makes me feel a bit nervous.

Even worse, they could create a MitM device that silently rewrites any KillVIM! commands to DontKillVIM!, which would have disastrous consequences.

Kyuuhachi avatar Nov 27 '20 14:11 Kyuuhachi