Add lesson learned from polyfill.io #559

Open: wants to merge 5 commits into base: main

Conversation

david-a-wheeler
Contributor

No description provided.

Co-authored-by: Chris de Almeida <[email protected]>
Signed-off-by: David A. Wheeler <[email protected]>
@david-a-wheeler
Contributor Author

david-a-wheeler commented Jul 3, 2024

I wouldn't say "supply chain" on just this item. There are many supply chain attacks, and this is only one kind. If we single this out with the term "supply chain", I fear people might think they're identical.

@ctcpip
Member

ctcpip commented Jul 3, 2024

I wouldn't say "supply chain" on just this item. There are many supply chain attacks, and this is only one kind. If we single this out with the term "supply chain", I fear people might think they're identical.

I actually backtracked on that and had removed my comment, but I guess there was a race condition :)

@david-a-wheeler
Contributor Author

@ctcpip - no problem! I merged in your improvement, & made a few more tweaks. I think it's better, thank you!

Sometimes inclusion across domains really *is* what you want to do,
and the risks are reasonable, so back it down a little from
"never" do it.

Signed-off-by: David A. Wheeler <[email protected]>
Member

@ljharb ljharb left a comment


i thought we all learned this 10-20 years ago, but apparently not :-p

@david-a-wheeler
Contributor Author

ljharb said:

i thought we all learned this 10-20 years ago, but apparently not :-p

Hehe. I think the problem is that new people keep showing up, and instead of learning from the past, they presume that the past has nothing to teach them. The past has very brutal ways to show otherwise :-(.

david-a-wheeler added a commit that referenced this pull request Jul 5, 2024
The malicious attack on the xz utils slipped through many
defenses because the "source" package included pre-generated
malicious code. This meant that review of the source code
(e.g., as seen by git) couldn't find the problem.

This proposes a best practice to counter it. The text is longer
than I'd like, but it's hard to make it short, and this was a
worrying attack so I think it's reasonable to say this.

We'll probably need to renumber this proposal if we also add
the proposed text to counter attacks like polyfill.io:
#559
... but I think that's okay!

Signed-off-by: David A. Wheeler <[email protected]>
3 participants