LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

The famous "./configure; make" - my custom version

The famous "./configure; make" - my custom version

Posted Mar 28, 2008 13:47 UTC (Fri) by DonDiego (subscriber, #24141)
In reply to: The famous "./configure; make" - my custom version by pr1268
Parent article: Striking gold in binutils 

The code needs not be intentionally malicious.  Just imagine that a Makefile contains a line
like

  rm -rf $(VARIABLE)/path/to/somewhere

Now if $(VARIABLE) happens to be empty (perhaps only in your nonstandard configuration and not
on the developer's machine), pray that there is nothing important below /path/to/somewhere ...

That's just a simple example, it's easy to come up with more.  It's not so much about
protection against malice, but protection against accidents.  Accidents do happen, it's a fact
of life.  If you want to drive without a seatbelt, all I can wish you is good luck...

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds