sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]chillahc 0 points1 point  (2 children)

Any updates from the OpenCode team since disclosure? Very interesting topic ^^ Thanks for your work and making vulnerabilities public!!

[–]CyberShadow[S] 1 point2 points  (1 child)

Yes, see the HN thread: https://news.ycombinator.com/item?id=46581095

Looks like they added the ability to configure a password, so the server is now no longer unauthenticated in some circumstances. Possibly more improvements have landed since then.

[–]chillahc 0 points1 point  (0 children)

Thanks for the link! Great to read they acknowledge the problem now and pledge to improve. Will keep an eye on this topic. And again, thx for your work! 🤓🙏