[Scons-users] Does remote caching open up any security vulnerabilities?
Bill Deegan
bill at baddogconsulting.com
Thu Sep 22 15:15:23 EDT 2022
On Thu, Sep 22, 2022 at 12:03 PM Don Baldwin <donb at qti.qualcomm.com> wrote:
> Hi,
>
>
>
> What precautions are in place to prevent someone from modifying a cached
> file to inject nefarious code into a product?
>
Currently there are none.
If you're building software in such an environment, you have lots of issues
to contend with in addition to someone altering the cachedir files.
Generally we don't check target file modification either (assuming nothing
depends on a given target file as source to another builder).
Though in that case it would just case a rebuild of the target which
depends on it, not a specific notice that it had been modified.
_Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist4.pair.net/pipermail/scons-users/attachments/20220922/7ed312e5/attachment.htm>
More information about the Scons-users
mailing list