by samhw
1550 days ago
I think their point might have been that Unity forgot that lesson. And everyone else, transitively, along the chain. As horrible and impracticable as it sounds, the only way to prevent this from happening is to read the source of every (transitive) dependency you install. Yes, we can trust people, and yes, we can blame them when they betray our trust - we can even prosecute them - but as this shows, that's not always going to stop people. And it's certainly not going to stop attackers who gain control of those dependencies. This is something we really need to think about as a profession. I would favour a system where dependencies are restricted to pure computation only (no syscalls) and any greater permissions must be granted explicitly. But that's extremely onerous, and likely - for many devs - to lead to a 'just click yes' mentality; even besides that, there are doubtless many cases it won't prevent. All I'm sure of is that we can't continue like this.