Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://hachyderm.io/users/dalias/statuses/112191879970855069">Rich Felker (dalias@hachyderm.io)'s status on Monday, 01-Apr-2024 10:06:55 JST</a><a href="https://hachyderm.io/@dalias" title="dalias@hachyderm.io"><img src="https://gnusocial.jp/avatar/40873-48-20221207231635.webp" width="48" height="48" alt="Rich Felker" style="position: absolute; left: 0; top: 0;">Rich Felker</a><div><a href="https://hachyderm.io/@dalias/112191757003413209" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/111562" title="timbray@cosocial.ca">Tim Bray</a></li><li><a href="https://gnusocial.jp/user/149449" title="alanc@fosstodon.org">Alan Coopersmith</a></li></ul></div></section><article><p><a href="https://cosocial.ca/@timbray">@timbray</a> <a href="https://fosstodon.org/@alanc">@alanc</a> <a href="https://mstdn.social/@josephholsten">@josephholsten</a> A good autoconf replacement would have the actual executable script "configure" file be immutable and data driven, so the big complex logic is known to be non-malicious just by matching upstream hash &amp; local behavior is in human-comprehensible data.</p><p>It would support only collection of building-user's preferences, dep search, and compile/link checks using selected tools - not executing arbitrary code at config time.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2879252#notice-5736860">In conversation</a><time datetime="2024-04-01T10:06:55+09:00" title="Monday, 01-Apr-2024 10:06:55 JST">about 10 months ago</time> <span>from <span><a href="https://hachyderm.io/@dalias/112191879970855069" rel="external" title="Sent from hachyderm.io via ActivityPub">hachyderm.io</a></span></span><a href="https://hachyderm.io/@dalias/112191879970855069">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/881518">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Monday, 01-Apr-2024 10:06:55 JSTRich Felker
in reply to
@timbray @alanc @josephholsten A good autoconf replacement would have the actual executable script "configure" file be immutable and data driven, so the big complex logic is known to be non-malicious just by matching upstream hash & local behavior is in human-comprehensible data.
It would support only collection of building-user's preferences, dep search, and compile/link checks using selected tools - not executing arbitrary code at config time.
In conversationabout 10 months ago from hachyderm.iopermalink
Attachments
1. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice