Imagine putting private code online lol.
Anyone can Access Deleted and Private Repository Data on GitHub.
Submitted 3 months ago by ModerateImprovement@sh.itjust.works to technology@lemmy.world
https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github
Comments
radivojevic@discuss.online 3 months ago
TrickDacy@lemmy.world 3 months ago
Of course it should only be on 5.25" floppy disk
radivojevic@discuss.online 3 months ago
Typewriter.
sem@lemmy.ml 3 months ago
The title is very click bait imo. It is not about any private data. It is a very specific case of deleted fork of the public repository. It is a bug, of course. But it doesn’t look so serious as I was thinking when saw the title.
tyler@programming.dev 3 months ago
It was purposefully designed that way so it’s not a bug. It’s just bad design. Like they say at the end of the article, people view private vs public as a security boundary. So it’s incredibly surprising and unintuitive behavior that has clearly resulted in security breaches.