Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://hachyderm.io/users/leftpaddotpy/statuses/112182870989643153">jade (leftpaddotpy@hachyderm.io)'s status on Sunday, 31-Mar-2024 04:54:39 JST</a><a href="https://hachyderm.io/@leftpaddotpy" title="leftpaddotpy@hachyderm.io"><img src="https://gnusocial.jp/avatar/179725-48-20230927083107.webp" width="48" height="48" alt="jade" style="position: absolute; left: 0; top: 0;">jade</a><div><a href="https://hachyderm.io/@leftpaddotpy/112182864565024236" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/40873" title="dalias@hachyderm.io">Rich Felker</a></li><li><a href="https://gnusocial.jp/user/149449" title="alanc@fosstodon.org">Alan Coopersmith</a></li></ul></div></section><article><p><a href="https://nixos.paris/@raito">@raito</a> <a href="https://fosstodon.org/@alanc">@alanc</a> <a href="https://hachyderm.io/@dalias">@dalias</a> wonder if the solution here is to construct things to evaluate whether an autoconf script is one that could have been generated by any released version of autoconf and check the maintainers' work, so we could find out if there's malicious stuff going on (even if distros just ignore the release tarball anyway)</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2879252#notice-5727584">In conversation</a><time datetime="2024-03-31T04:54:39+09:00" title="Sunday, 31-Mar-2024 04:54:39 JST">about 8 months ago</time> <span>from <span><a href="https://hachyderm.io/@leftpaddotpy/112182870989643153" rel="external" title="Sent from hachyderm.io via ActivityPub">hachyderm.io</a></span></span><a href="https://hachyderm.io/@leftpaddotpy/112182870989643153">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
jade (leftpaddotpy@hachyderm.io)'s status on Sunday, 31-Mar-2024 04:54:39 JSTjade
in reply to
@raito @alanc @dalias wonder if the solution here is to construct things to evaluate whether an autoconf script is one that could have been generated by any released version of autoconf and check the maintainers' work, so we could find out if there's malicious stuff going on (even if distros just ignore the release tarball anyway)
In conversationabout 8 months ago from hachyderm.iopermalink

Public

Embed Notice

HTML Code

Corresponding Notice