previously on this list Brian May contributed: > After the damage is done, probably easier to find the malware that did it
Assuming the damage is visible? > All rants aside, I believe there's a fairly wide agreement that we > should throw away binaries from builds. >> I'd encourage something slightly different and then I'd expand on it a >> bit. Sounds like a plan but perhaps if they are not already? these uploads should be enabled within their own apt sources line. Whilst malicious code can be hidden in source and accompanying packages such as via sidechannel attacks, any additional threats should be avoided or users enabled to avoid them where possible. -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) In Other Words - Don't design like polkit or systemd _______________________________________________________________________ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/783597.44818...@smtp131.mail.ir2.yahoo.com
