| ▲ | bragr 2 hours ago | |
I think this is slightly less of a Cursor bug than a bit of a Windows quirk: Windows searches the current working directory for executables before resorting to the path variable. I imagine a lot of stuff is vulnerable to such an "attack" on Windows. | ||
| ▲ | shitter 2 hours ago | parent | next [-] | |
Yeah, but you can easily mitigate it by searching for the real git in known system locations and using whatever you find there (or allowing the user to configure the path). I believe that's how VSCode does it | ||
| ▲ | Chu4eeno 2 hours ago | parent | prev | next [-] | |
Yes, but it's an old known security gotcha people developing for Wintendo have to guard against. | ||
| ▲ | whateveracct 2 hours ago | parent | prev [-] | |
that sounds like Cursor has a bug and vuln on Windows to me | ||