Reply to post: Isn't serialization something inherently scary?

Apache Struts you're stuffed: Vuln allows hackers to inject evil code into biz servers

Christian Berger

Isn't serialization something inherently scary?

I mean you turn an object, which can contain both data and code, into a binary blob, then you turn that blob back into data... and code. I mean if you send that binary blob across the network, you should at least be scared that it's not compatible between different versions of your code.
