by Ferret7446 37 days ago
That is one of many reasons to keep your dotfiles under version control.
2 comments

Someone that can wrap your sudo binary can wrap your git binary too. Once your OS is compromised, all bets are off.
How would that help? Unless you happen to check the dotfiles git diff before running _anything_. I guess this could be put in a prompt or some cron job to detect diffs, but I bet absolutely nobody does this.