Y
Hacker News
new
|
ask
|
show
|
jobs
by
freeone3000
2491 days ago
The post-install scripts are installed from the same source as the actual library - the library itself could contain whatever malicious code an attacker wants. Pre-built binaries don't help here.