[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GNU Coding Standards, automake, and the recent xz-utils backdoor
From: |
Richard Stallman |
Subject: |
Re: GNU Coding Standards, automake, and the recent xz-utils backdoor |
Date: |
Fri, 05 Apr 2024 17:42:32 -0400 |
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> > Can anyone think of a feasible way to prevent this sort of attack?
> A common way would be to use PGP signing to bless a set of files.
> Perhaps a manifest which specifies the file names/paths and their sha256
> would be sufficient. But there needs to be a way to augment this in
> case there are multiple collections of blessed files, including those
> blessed by the user.
Could you make that last part more precise and clear>
> > What is an "OS package manager"?
> A popular OS package manager is Debian 'apt'
Thanks, now I know what you meant.
--
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, (continued)
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Bob Friesenhahn, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Karl Berry, 2024/04/02
- Re: compressed release distribution formats (was: GNU Coding Standards, automake, and the recent xz-utils backdoor), Jacob Bachmeyer, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Richard Stallman, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Richard Stallman, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Richard Stallman, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Richard Stallman, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Bob Friesenhahn, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor,
Richard Stallman <=
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Jacob Bachmeyer, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Alfred M. Szmidt, 2024/04/03
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Richard Stallman, 2024/04/02