[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Behaviour of Build / Configure in GNU programs
|
From: |
John Darrington |
|
Subject: |
Behaviour of Build / Configure in GNU programs |
|
Date: |
Tue, 7 Jul 2015 07:17:40 +0200 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
I'm seeing an increasing number of programs, whose configure and/or makefile
have been written, to open a connection to some remote url (usually controlled
by the project) download file(s) from there and build them into the software.
I think this is a bad idea, from many points of view: Scalability, Security and
Reproducability. I haven't found any such instances in GNU Software, but I
think we should put a statement about it in the GCS.
J'
--
PGP Public key ID: 1024D/2DE827B3
fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.
signature.asc
Description: Digital signature
- Behaviour of Build / Configure in GNU programs,
John Darrington <=
- Re: Behaviour of Build / Configure in GNU programs, Alfred M. Szmidt, 2015/07/07
- Re: Behaviour of Build / Configure in GNU programs, Karl Berry, 2015/07/07
- Re: Behaviour of Build / Configure in GNU programs, John Darrington, 2015/07/07
- Re: Behaviour of Build / Configure in GNU programs, Mathieu Lirzin, 2015/07/08
- Re: Behaviour of Build / Configure in GNU programs, John Darrington, 2015/07/08
- Re: Behaviour of Build / Configure in GNU programs, Mathieu Lirzin, 2015/07/08
- Re: Behaviour of Build / Configure in GNU programs, John Darrington, 2015/07/08
- Re: Behaviour of Build / Configure in GNU programs, Mathieu Lirzin, 2015/07/08
- Re: Behaviour of Build / Configure in GNU programs, Paul Smith, 2015/07/08