It has been actively exploited in security-oriented messaging apps like Signal Desktop. So it has a history of ab(using) this PoC. And I'm not really sure that most people who download random plugins with 0 history of security audits to their electron-based editors, have their environments sandboxed for the sake of potential incident.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I'm not necessarily speaking about the concept of touch-screen-oriented dev tools.
YesโElectron brings resource management and security concerns. I see it more as proof of concept in a way.
It has been actively exploited in security-oriented messaging apps like Signal Desktop. So it has a history of ab(using) this PoC. And I'm not really sure that most people who download random plugins with 0 history of security audits to their electron-based editors, have their environments sandboxed for the sake of potential incident.