So how did those precautions stop what happened in the sendmail case? jeremyb.
> From: Zane Gilmore <[EMAIL PROTECTED]> > Date: 2002/10/10 Thu AM 09:24:20 GMT+13:00 > To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > Subject: Re: Re: Sendmail 8.2.16 Contains Trojan Horse > > No it isn't, > The people who look after these projects will be using a tool called > diff (see man diff) > Whenever any changes are put into the source tree then those changes are > gone over with a fine toothed comb. > Unknown people as a general rule are not allowed to put source code into > the main tree without *the changes* being checked. > One does not have to rummage through "millions of lines of code" > > > > > On Thu, 2002-10-10 at 08:29, Jeremy Bertenshaw wrote: > > Indeed, however my point was that when the source is > > accessible, it's easier to put something in which may > > take a lot longer to spot, anyone using proper antivirus > > precautions would have spotted your examples. > > > > jeremyb. > > > > > From: Hamish McBrearty <[EMAIL PROTECTED]> > > > Date: 2002/10/09 Wed PM 04:57:58 GMT+13:00 > > > To: [EMAIL PROTECTED] > > > Subject: Re: Sendmail 8.2.16 Contains Trojan Horse > > > > > > This sort of things isn't the sole domain of open source software. > > > > > > PK Zip V3 came with a virus, the occasional CD with computing magazines > > > has a virus, and let's not forget Microsoft shipping the Korean language > > > version of Visual Studio .NET complete with Nimda worm enclosed! > > -- > Zane Gilmore, Analyst / Programmer > Information Services Section, Information Technology Dept, University of > Canterbury > Private Bag 4800 > Christchurch New Zealand > phone +64-3-364 2987 extn 7895 Fax 3642222 > >
