Hacker News new | past | comments | ask | show | jobs | submit login

GNU Make allows arbitrary code execution during the build.



What's the problem with that, exactly?


You bet it does, and that's exactly what's needed! What's the problem with that, again?


Yep. If you're running it for a build, you're running unprivilaged - chrooted, jailed, or zoned if you want to be really safe - and if you're running it for install, than you trust the software in any case. And because makefiles are fairly transparent, you can check what the install is doing beforehand.




Consider applying for YC's first-ever Fall batch! Applications are open till Aug 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: