This is why things like SELinux exist, combined with separate binaries for the functionality that impacts things outside of the store, to quickly minimize possible damage. If the binary can only create links, the possible damage is quite limited.

But the much more dangerous modification is much more subtle and can go months to years without being noticed. To which there is no defense, as there is no way to know when a person you trust will go crazy, turn evil, or flip the switch they planned many years ago. Heck, the possible exploits that could be in the bootstrap seeds could be so subtle you wouldn't notice, or even hidden in the kernel itself:

https://gitlab.com/bauen1/stage0-backdoor.git

Making reviews by third parties cheap, making forking cheap, and never assuming that anyone should be completely trusted is usually a secure place to start. And why the bootstrap seeds README starts with:

NEVER TRUST ANYTHING IN HERE
I could be evil after all

-Jeremiah
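The least-privilege point in the post above (a store helper that can do nothing but create links, so its blast radius is bounded) as an added illustration. This is example code written for this page, not Jeremiah's code nor anything from the stage0 or bootstrap-seeds projects; it assumes a Guix-like layout with a read-only store directory and a separate profile directory, Python 3 on a POSIX system, and the class and function names (LinkOnlyHelper, create_link, demo) are hypothetical.

```python
"""Added example, not from the original post: a hypothetical 'link-only' store
helper. It exposes exactly one operation (create a symlink into the store) and
refuses everything else, so even if it misbehaves the damage is limited to
unwanted or dangling links rather than arbitrary writes."""
import os
import tempfile
from pathlib import Path


class LinkOnlyHelper:
    def __init__(self, store_root, profile_root):
        # resolve() canonicalises both roots so the containment checks below
        # compare real paths (this also handles /tmp -> /private/tmp on macOS)
        self.store_root = Path(store_root).resolve()
        self.profile_root = Path(profile_root).resolve()

    @staticmethod
    def _inside(path, root):
        # True iff the canonical form of `path` lies under `root`
        try:
            Path(path).resolve().relative_to(root)
            return True
        except ValueError:
            return False

    def create_link(self, link_path, target):
        """The helper's only capability. Returns True on success, False on refusal.
        It never opens files for writing, deletes, or executes anything."""
        link_path, target = Path(link_path), Path(target)
        # 1. the target must be an existing entry inside the store
        if not target.exists() or not self._inside(target, self.store_root):
            return False
        # 2. the link must land inside the profile directory; resolving the
        #    parent directory defeats '..' components and symlinked parents
        if not self._inside(link_path.parent, self.profile_root):
            return False
        # 3. never overwrite: an existing path (even a dangling symlink) is refused
        if link_path.exists() or link_path.is_symlink():
            return False
        os.symlink(target.resolve(), link_path)
        return True


def demo():
    """Constructed scenario (temporary directories, hypothetical store item names).
    Returns (allowed, bad_target, escaped_location)."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        store, profile = tmp / "store", tmp / "profile"
        store.mkdir()
        profile.mkdir()
        item = store / "abc-hello-1.0"          # a legitimate store entry
        item.write_text("store item\n")
        secret = tmp / "secret.txt"             # exists, but outside the store
        secret.write_text("not a store item\n")

        helper = LinkOnlyHelper(store, profile)
        allowed = helper.create_link(profile / "hello", item)          # accepted
        bad_target = helper.create_link(profile / "secret", secret)    # refused
        escaped = helper.create_link(profile / ".." / "escape", item)  # refused
        return allowed, bad_target, escaped


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```

Run it directly to see the three outcomes. The design choice is that every refusal is a cheap path-containment check performed before any filesystem mutation, and the helper has no code path that writes, removes, or executes; pairing such a narrow binary with a mandatory access control policy like SELinux is what keeps a compromised or buggy helper from doing more than it was built to do.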