[ale] malicious make scripts
John Wells
jb at sourceillustrated.com
Mon Dec 2 23:37:21 EST 2002
Has there ever been a case of someone being bitten by a malicious make
script?
I'm usually careful to examine what something I've downloaded will do, but
have lately found myself becoming a bit lazy. It occurs to me that there
are many out in the big, bright world who never check make scripts. It
would seem the ideal place to put malicious code, as you often have to run
make install or the like as root. It would seemingly be easy to insert a
rm -fR / in the script...or am I missing something?
Just interested ;-).
Thanks,
John
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list