amalmurali47's comments

A new RCE in Git caught my attention on a recent security feed, labeled CVE-2024-32002. The idea of an RCE being triggered through a simple git clone command fascinated me. Given Git’s ubiquity and the widespread use of the clone command, I was instantly intrigued. Could something as routine as cloning a repository really open the door to remote code execution? My curiosity was piqued, and I had to investigate. Plus, who doesn’t want an excuse to break stuff in the name of research?


It is not a security measure, per se. Security by obscurity is where you rely upon some fact which you think is not known to an attacker. The problem with this type of "security" is that, once the fact is disclosed, the security scheme is rendered entirely useless.


Relying on just SBO is useless, agreed. I think using it in addition to solid security reduces the attack surface which aids reduced attempts and ups the level of difficulty required to complete a successful attack.

http://www.thefreedictionary.com/security+measures

"a precautionary measure warding off impending danger or damage or injury etc."


Very cool game, indeed. Currently on third level. And I don't even know JavaScript!

