GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Kornel (kornel@mastodon.social)'s status on Monday, 01-Apr-2024 03:49:09 JST Kornel Kornel

    People are afraid of running unaudited `curl | sh`, but nobody bats an eye on 24707 lines of obfuscated garbage in `./configure`.

    #xz

    In conversation about a year ago from mastodon.social permalink
    • GreenSkyOverMe (Monika) repeated this.
    • Embed this notice
      Kornel (kornel@mastodon.social)'s status on Monday, 01-Apr-2024 03:49:09 JST Kornel Kornel
      in reply to

      Seriously, in retrospect, #autotools itself is a massive supply-chain security risk.

      It has normalized shipping and running tens of thousands of lines of arbitrary executable code without any safeguards.

      Code that is so mind-numbingly awful that nobody will review it, and written in a language that is full of gotchas that are sneaky eval gadgets.

      In conversation about a year ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: www.risk.it
        Home-Risk Management srl
        null-Pianificazione, progettazione e controllo dei processi aziendali|Contesto interno esterno , norme applicabili, scenari e impatti|Monitoraggio e vigilanza efficacia ed efficienza dei sistemi

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.