The code needs not be intentionally malicious. Just imagine that a Makefile contains a line like rm -rf $(VARIABLE)/path/to/somewhere Now if $(VARIABLE) happens to be empty (perhaps only in your nonstandard configuration and not on the developer's machine), pray that there is nothing important below /path/to/somewhere ... That's just a simple example, it's easy to come up with more. It's not so much about protection against malice, but protection against accidents. Accidents do happen, it's a fact of life. If you want to drive without a seatbelt, all I can wish you is good luck...
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds