Cancelation token is a security risk #71503
-
|
You put Cancelation token all over your branches, but you didn't write the implementation of Cancelation token yourself, it's possible that people from dotnet can brick your app on the request of the FBI |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
But as the project is open source everyone can have a look at the source code and verify what, and how it does to get confidence if needed. For the shipped binaries one can use a "reflector" like IL-spy to have a look at the built-code to verify that either. Do you have concrete concerns on how someone could use CancellationTokens for mis-use? |
Beta Was this translation helpful? Give feedback.
-
|
This post has no technical basis and will only serve to undermine a focus on actual security concerns. Please don't post issues like this. We have locked this issue and banned this account. Thanks @gfoidl but there is no reason to engage. This is just a FUD post and clearly not a good faith intent to engage. |
Beta Was this translation helpful? Give feedback.
This post has no technical basis and will only serve to undermine a focus on actual security concerns.
Please don't post issues like this. We have locked this issue and banned this account.
Thanks @gfoidl but there is no reason to engage. This is just a FUD post and clearly not a good faith intent to engage.