User: Password:
|
|
Subscribe / Log in / New account

The famous "./configure; make" - my custom version

The famous "./configure; make" - my custom version

Posted Mar 28, 2008 13:47 UTC (Fri) by DonDiego (guest, #24141)
In reply to: The famous "./configure; make" - my custom version by pr1268
Parent article: Striking gold in binutils

The code needs not be intentionally malicious.  Just imagine that a Makefile contains a line
like

  rm -rf $(VARIABLE)/path/to/somewhere

Now if $(VARIABLE) happens to be empty (perhaps only in your nonstandard configuration and not
on the developer's machine), pray that there is nothing important below /path/to/somewhere ...

That's just a simple example, it's easy to come up with more.  It's not so much about
protection against malice, but protection against accidents.  Accidents do happen, it's a fact
of life.  If you want to drive without a seatbelt, all I can wish you is good luck...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds