Hacker News new | past | comments | ask | show | jobs | submit login

merely keeping build and test environments isolated would have entirely prevented this attack.

better hygeine that way would also simplify both environments, since the tools for each are fairly different.




How are they different? Both use make and the C compiler.

xz is not different in this respect from any other C, C++, Go or Rust program.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: