https://packetstormsecurity.com/files/139257/Sublime-Text-Editor-3-DLL-Hijacking.html
This site lists a vulnerability that has been present for some time. Are there any plans to patch it?
If someone can place bad DLLs without you knowing in your C:\program files\ folders you have bigger problems.
In fact, with pybind11 anyone can just write a Sublime plugin that interacts with compiled code.
I’d say be a responsible adult/developer and keep an eye on your filesystem.
While technically this can happen, the nature of Sublime Text means that Python packages can do pretty much anything the user has privileges for.
Generally the install directory is under UAC, which would prevent this. And packages are not, so from a threat perspective, this doesn’t seem like something worth spending time on.
I think the idea of a DLL hijack attack is that if the program loads DLLs from a user-writeable directory (i.e., a location that you don’t need admin privileges to write to, such as the current working directory), then malware can create compromised DLLs there in the hopes that the program will be run as admin at some point and those DLLs will have free rein.
The fix is to load DLLs only from system or program installation directories that require admin privilege to write to.
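A defender's check for the scenario described above, added here as an example and not taken from the thread: it walks the directories Windows consults in the default (SafeDllSearchMode) DLL search order for a given executable and reports which of them grant write access to broad, non-admin principals. It assumes Windows PowerShell 5 or later; the executable path is a placeholder you replace.

```powershell
# Added example: audit the DLL search path of an executable for user-writable
# directories (the precondition for the hijack discussed above).
function Test-DllSearchPathWritability {
    param(
        [Parameter(Mandatory)] [string] $ExePath,
        [string] $WorkingDirectory = (Get-Location).Path
    )

    # SafeDllSearchMode order: application dir, System32, Windows dir,
    # current directory, then each PATH entry. Duplicates are collapsed.
    $dirs = @(
        (Split-Path -Parent (Resolve-Path -LiteralPath $ExePath).Path),
        "$env:SystemRoot\System32",
        $env:SystemRoot,
        $WorkingDirectory
    ) + ($env:Path -split ';' | Where-Object { $_ -ne '' })
    $dirs = $dirs | Select-Object -Unique

    # Principals whose write access makes a directory a hijack candidate.
    $broad = 'Everyone', 'BUILTIN\Users',
             'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE'
    $writeMask = [int]([System.Security.AccessControl.FileSystemRights]::Write -bor
                       [System.Security.AccessControl.FileSystemRights]::Modify -bor
                       [System.Security.AccessControl.FileSystemRights]::FullControl -bor
                       [System.Security.AccessControl.FileSystemRights]::CreateFiles)

    foreach ($d in $dirs) {
        if (-not (Test-Path -LiteralPath $d -PathType Container)) { continue }
        $acl = Get-Acl -LiteralPath $d
        # Keep only Allow ACEs for broad principals that include any write bit.
        $risky = $acl.Access | Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ($broad -contains $_.IdentityReference.Value) -and
            (([int]$_.FileSystemRights -band $writeMask) -ne 0)
        }
        [pscustomobject]@{
            Directory          = $d
            UserWritable       = [bool] $risky
            WritablePrincipals = (@($risky.IdentityReference.Value) | Select-Object -Unique) -join ', '
        }
    }
}

# Placeholder path: substitute the executable you want to audit.
Test-DllSearchPathWritability -ExePath 'C:\Program Files\<app>\<app>.exe' |
    Where-Object UserWritable | Format-Table -AutoSize
```

Any directory reported as UserWritable is one where a non-admin user could drop a DLL that the program may later load; on the application side, restricting the search to the install and system directories (for example via SetDefaultDllDirectories) is the fix the post describes.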