On Thu, Feb 13, 2014 at 07:46:53PM +0100, Jakub Wilk wrote: > *shrug* It's not like it's difficult to hide malicious code in > source packages. > > How many configure scripts that we never rebuild from source > contains trojans?
Just like my favourite Russ quote: Basically, people got tired of portability problems in building shared libraries so they hid them all inside a multi-thousand line shell script where no one can ever find them because everyone who tries goes blind. -- Russ Allbery -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140213211244.ga31...@riva.ucam.org
