Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition

To: debian-devel@lists.debian.org
Subject: Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
From: Colin Watson <cjwatson@debian.org>
Date: Thu, 13 Feb 2014 21:12:44 +0000
Message-id: <[🔎] 20140213211244.GA31976@riva.ucam.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20140213184653.GA5700@jwilk.net>
References: <[🔎] 1392295131.23481.82943513.2A8023E7@webmail.messagingengine.com> <[🔎] 201402131713.36134.holger@layer-acht.org> <[🔎] CAFggDF1iGi23FAhWHsSWhSAcE1XSVViWNOb+i5n+SkYH4bq3_A@mail.gmail.com> <[🔎] 20140213184653.GA5700@jwilk.net>

On Thu, Feb 13, 2014 at 07:46:53PM +0100, Jakub Wilk wrote:
> *shrug* It's not like it's difficult to hide malicious code in
> source packages.
> 
> How many configure scripts that we never rebuild from source
> contains trojans?

Just like my favourite Russ quote:

  Basically, people got tired of portability problems in building shared
  libraries so they hid them all inside a multi-thousand line shell script
  where no one can ever find them because everyone who tries goes blind.
   -- Russ Allbery

-- 
Colin Watson                                       [cjwatson@debian.org]

Reply to:

Follow-Ups:
- Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
  - From: Sam Hartman <hartmans@debian.org>

References:
- Please upgrade your build environment when you are affected by transition
  - From: Ondřej Surý <ondrej@sury.org>
- when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
  - From: Holger Levsen <holger@layer-acht.org>
- Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
  - From: Jacob Appelbaum <jacob@appelbaum.net>
- Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
  - From: Jakub Wilk <jwilk@debian.org>

Prev by Date: Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
Next by Date: Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
Previous by thread: Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
Next by thread: Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
Index(es):
- Date
- Thread