|
|
|
|
|
|
by acdha
1921 days ago
|
|
|
It’s because they’re implementing the feature so they can show a CISO a big scary report and say “good thing you paid us - otherwise you wouldn’t have known!” If they were serious about build errors they could use the built-in features of APT, YUM, etc. to only report binaries which don’t match the canonical distribution’s hashes, as has been standard sysadmin practice for aeons. |
|
|