Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/kornel/statuses/112187783363254917">Kornel (kornel@mastodon.social)'s status on Monday, 01-Apr-2024 03:49:09 JST</a><a href="https://mastodon.social/@kornel" title="kornel@mastodon.social"><img src="https://gnusocial.jp/avatar/17873-48-20230311172358.webp" width="48" height="48" alt="Kornel" style="position: absolute; left: 0; top: 0;">Kornel</a><div><a href="https://mastodon.social/@kornel/112187602051988269" rel="in-reply-to">in reply to</a></div></section><article><p>Seriously, in retrospect, <a href="https://mastodon.social/tags/autotools" rel="tag">#autotools</a> itself is a massive supply-chain security risk.</p><p>It has normalized shipping and running tens of thousands of lines of arbitrary executable code without any safeguards.</p><p>Code that is so mind-numbingly awful that nobody will review it, and written in a language that is full of gotchas that are sneaky eval gadgets.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2886131#notice-5734975">In conversation</a><time datetime="2024-04-01T03:49:09+09:00" title="Monday, 01-Apr-2024 03:49:09 JST">about a year ago</time> <span>from <span><a href="https://mastodon.social/@kornel/112187783363254917" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@kornel/112187783363254917">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.risk.it</div><h5><a href="http://www.risk.it/">Home-Risk Management srl</a></h5><div></div></header><div>null-Pianificazione, progettazione e controllo dei processi aziendali|Contesto interno esterno , norme applicabili, scenari e impatti|Monitoraggio e vigilanza efficacia ed efficienza dei sistemi</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kornel (kornel@mastodon.social)'s status on Monday, 01-Apr-2024 03:49:09 JST Kornel
in reply to
Seriously, in retrospect, #autotools itself is a massive supply-chain security risk.
It has normalized shipping and running tens of thousands of lines of arbitrary executable code without any safeguards.
Code that is so mind-numbingly awful that nobody will review it, and written in a language that is full of gotchas that are sneaky eval gadgets.
In conversationabout a year ago from mastodon.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.risk.it
  Home-Risk Management srl
  null-Pianificazione, progettazione e controllo dei processi aziendali|Contesto interno esterno , norme applicabili, scenari e impatti|Monitoraggio e vigilanza efficacia ed efficienza dei sistemi

Public

Embed Notice

HTML Code

Corresponding Notice