I am referencing this article.
Question: how could such an attack be executed if the application code were non-writeable?
For instance, when deploying to a different, secure site, and mounting the code to the website nullfs-readonly?
I was trying to do that, but web framework developers take measures to make it impossible, i.e. they put code into the framework, which, when run from a readonly filesystem, will deliberately crash the application, so that this becomes impossible.
Question: how could such an attack be executed if the application code were non-writeable?
For instance, when deploying to a different, secure site, and mounting the code to the website nullfs-readonly?
I was trying to do that, but web framework developers take measures to make it impossible, i.e. they put code into the framework, which, when run from a readonly filesystem, will deliberately crash the application, so that this becomes impossible.