|
|
|
|
|
|
by elliotkillick
1874 days ago
|
|
|
A developer's PGP key would be a good example. PGP keys are used by git to sign commits and tags. Plus, they're stored in the home directory so they may very well be accessible to a rouge package in the event of a supply chain attack. |
|
|