[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GNU Coding Standards, automake, and the recent xz-utils backdoor
From: |
Richard Stallman |
Subject: |
Re: GNU Coding Standards, automake, and the recent xz-utils backdoor |
Date: |
Mon, 01 Apr 2024 18:49:52 -0400 |
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> `distcheck` target's prominence to recommend it in the "Standard
> Targets for All Users" section of the GCS?
> Replying as an Automake developer, I have nothing against it in
> principle, but it's clearly up to the GNU coding standards
> maintainers. As far as I know, that's still rms (for anything
> substantive)
To make a change in the coding standards calls for a clear and
specific proposal. If people think a change is desirable, I suggest
making one or more such proposals.
Now for a bit of speculation. I speculate that a cracker was careless
and failed to adjust certain details of a bogus tar ball to be fully
consistent, and that `make distcheck' enabled somene to notice those
errors.
I don't have any real info about whether that is so. If my
speculation is mistaken, please say so. But supposing it is correct:
If we had publicized `make distcheck' more, would that have been
likely to help people detect the bogus tar ball sooner? Or would it
have been likely to help the cracker be more careful about avoiding
such signs? Would they balance out?
--
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, (continued)
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Jacob Bachmeyer, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Bruno Haible, 2024/04/02
- Re: checking aclocal m4 files (was: GNU Coding Standards, automake, and the recent xz-utils backdoor), Jacob Bachmeyer, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Richard Stallman, 2024/04/04
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Bruno Haible, 2024/04/04
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Sam James, 2024/04/05
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Richard Stallman, 2024/04/08
- Re: detecting modified m4 files (was: GNU Coding Standards, automake, and the recent xz-utils backdoor), Jacob Bachmeyer, 2024/04/07
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Richard Stallman, 2024/04/04
Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Jacob Bachmeyer, 2024/04/02
Re: GNU Coding Standards, automake, and the recent xz-utils backdoor,
Richard Stallman <=
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Jacob Bachmeyer, 2024/04/02
- Re: GNU Coding Standards, automake, and the recent xz-utils backdoor, Richard Stallman, 2024/04/04
- Re: GCC reporting piped input as a security feature (was: GNU Coding Standards, automake, and the recent xz-utils backdoor), Jacob Bachmeyer, 2024/04/06
- Re: GCC reporting piped input as a security feature (was: GNU Coding Standards, automake, and the recent xz-utils backdoor), Richard Stallman, 2024/04/08
- Re: GCC reporting piped input as a security feature, Jacob Bachmeyer, 2024/04/08
- Re: GCC reporting piped input as a security feature, Jan Engelhardt, 2024/04/09
- Re: GCC reporting piped input as a security feature, Jacob Bachmeyer, 2024/04/09
- Re: GCC reporting piped input as a security feature, Zack Weinberg, 2024/04/11
- Re: GCC reporting piped input as a security feature, Jacob Bachmeyer, 2024/04/12
Re: GCC reporting piped input as a security feature (was: GNU Coding Standards, automake, and the recent xz-utils backdoor), Richard Stallman, 2024/04/08