summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/forum/concurrent-output_dependency_implies_compilation_of_a_lot_of_unstrusted_sources_as_root.mdwn3
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/forum/concurrent-output_dependency_implies_compilation_of_a_lot_of_unstrusted_sources_as_root.mdwn b/doc/forum/concurrent-output_dependency_implies_compilation_of_a_lot_of_unstrusted_sources_as_root.mdwn
new file mode 100644
index 00000000..c40b29ef
--- /dev/null
+++ b/doc/forum/concurrent-output_dependency_implies_compilation_of_a_lot_of_unstrusted_sources_as_root.mdwn
@@ -0,0 +1,3 @@
+The recent dependency on concurrent-output adding implies downloading, compiling, and executing as root of many (MissingH, hslogger, process, unix-compat, network, directory, ansi-terminal, unix, ...) unstrusted sources. This seems like a huge security problem...
+
+Are these at least downloaded using https?