Am Dienstag, dem 02.04.2024 um 13:28 -0700 schrieb Ian Lance Taylor via Gcc: > > On Tue, Apr 2, 2024 at 1:21 PM Paul Koning via Gcc <gcc@gcc.gnu.org> wrote: > > > > > > > > Would it help to require (rather than just recommend) "don't use root > > > > except for the actual 'install' step" ? > > > > Seems reasonable, but note that it wouldn't make any difference to > > this attack. The liblzma library was modified to corrupt the sshd > > binary, when sshd was linked against liblzma. The actual attack > > occurred via a connection to a corrupt sshd. If sshd was running as > > root, as is normal, the attacker had root access to the machine. None > > of the attacking steps had anything to do with having root access > > while building or installing the program.
There does not seem a single good solution against something like this. My take a way is that software needs to become less complex. Do we really still need complex build systems such as autoconf? Are there still so many different configurations with subtle differences that every single feature needs to be tested individually by running code at build time? Martin
