@puppygirlhornypost@transfem.social @hipsterelectron Not a tool to automatically traverse package dep trees (we have those, no?) but to evaluate an individual library for things like thread unsafe init/exit code, sketchy dynamic code mechanisms, ctors with side effects, etc - things that might make your program vulnerable to bugs or backdoors just by linking the lib even if you don't call it.
@dalias @puppygirlhornypost iirc @spack was doing binary analysis largely for computing package compatibility but could also be applied to this sort of security checking. we already e.g. set RPATHs so output libs point to the correct location of dependencies from the spack dep graph, this sort of auditing seems vaguely similar
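The kind of single-library check the two posts above describe, as an added Python example that is not part of this thread and not spack's own code: it walks an ELF64 shared object's PT_DYNAMIC segment and reports the things the loader runs or honours the moment the library is mapped, before any of its symbols are called (constructors and destructors, DT_INIT/DT_FINI hooks, DT_NEEDED pulls, and RPATH/RUNPATH search-path overrides). The tag constants are from the System V ABI; the sample ELF is constructed inline.

```python
import struct

# ELF constants from the System V ABI (little-endian ELF64 assumed throughout)
PT_DYNAMIC = 2
DT_NULL, DT_NEEDED, DT_INIT, DT_FINI, DT_RPATH = 0, 1, 12, 13, 15
DT_INIT_ARRAYSZ, DT_FINI_ARRAYSZ, DT_RUNPATH, DT_PREINIT_ARRAYSZ = 27, 28, 29, 33


def dynamic_entries(data: bytes):
    """Yield (d_tag, d_val) pairs from the PT_DYNAMIC segment, stopping at DT_NULL."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    e_phoff = struct.unpack_from("<Q", data, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    for i in range(e_phnum):
        hdr = struct.unpack_from("<IIQQQQ", data, e_phoff + i * e_phentsize)
        if hdr[0] != PT_DYNAMIC:
            continue
        for pos in range(hdr[2], hdr[2] + hdr[5], 16):  # p_offset .. p_offset + p_filesz
            d_tag, d_val = struct.unpack_from("<qQ", data, pos)
            if d_tag == DT_NULL:
                return
            yield d_tag, d_val


def audit_library(data: bytes) -> dict:
    """Count what the dynamic loader runs or honours before any symbol of the library is called."""
    r = {"needed": 0, "ctors": 0, "dtors": 0, "init": False, "fini": False, "rpath": False, "runpath": False}
    for tag, val in dynamic_entries(data):
        if tag == DT_NEEDED:
            r["needed"] += 1                   # pulls another object into the process
        elif tag in (DT_INIT_ARRAYSZ, DT_PREINIT_ARRAYSZ):
            r["ctors"] += val // 8             # one 8-byte slot per constructor run at load time
        elif tag == DT_FINI_ARRAYSZ:
            r["dtors"] += val // 8             # destructors run at dlclose()/exit
        elif tag in (DT_INIT, DT_FINI, DT_RPATH, DT_RUNPATH):
            r[{DT_INIT: "init", DT_FINI: "fini", DT_RPATH: "rpath", DT_RUNPATH: "runpath"}[tag]] = True
    return r


def build_sample() -> bytes:
    """Constructed minimal ELF64 shared object: one PT_DYNAMIC segment, no sections."""
    dyn = [(DT_NEEDED, 1), (DT_NEEDED, 10), (DT_INIT, 0x1000), (DT_INIT_ARRAYSZ, 24),
           (DT_FINI_ARRAYSZ, 8), (DT_RUNPATH, 20), (DT_NULL, 0)]
    body = b"".join(struct.pack("<qQ", t, v) for t, v in dyn)
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack("<HHIQQQIHHHHHH", 3, 62, 1, 0, 64, 0, 0, 64, 56, 1, 64, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_DYNAMIC, 6, 120, 0x4000, 0x4000, len(body), len(body), 8)
    return ehdr + phdr + body
```

On a real library, `audit_library(open("/path/to/lib.so", "rb").read())` gives the same summary; a non-zero `ctors` count or an `init` hook is where a manual look at the constructor bodies should start, and `rpath`/`runpath` are the entries a packager would compare against the intended dependency locations.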