1 post
fork+exec inherits file descriptors, environment, and capabilities by default. That inheritance is the bug class behind Shellshock, runc CVE-2019-5736, and Symbiote.
