A backdoor in xz
A backdoor in xz
Posted Mar 31, 2024 16:01 UTC (Sun) by vegard (subscriber, #52330)In reply to: A backdoor in xz by fghorow
Parent article: A backdoor in xz
Yes, sorry -- it was hacked up in a couple of hours in anticipation of the report going live. The script was tested by 3-4 people in private before it got posted, but it obviously had some flaws. It was also meant for advanced users, in a way (think organizations or system administrators who can adapt it to their systems, not necessarily end users). I felt it was better to keep the script short and readable as opposed to trying to adapt it to every possible configuration, as that would have made it harder trust (as in: here's yet another shell script doing who-knows-what...).
Posted Mar 31, 2024 16:05 UTC (Sun)
by fghorow (subscriber, #5229)
[Link]
You absolutely made the right call in keeping it simple, IMHO. Thank you.
A backdoor in xz
My comment was made as a "heads up" and it was not intended as criticism of your script.