"Many eyes make bugs shallow" doesn't apply to security bugs. You need the *right* eyes auditing the code. Until then, backdoors like this can hide in plain sight.

>auth_su = true

I think anyone who looked at that code would notice...

Do you have any evidence this was hiding in plain sight, as opposed to hiding where nobody bothered to look?

@kyle Besides, lots of bugs have thousands of eyes, so it kind of evens out, doesn’t it?🙃

Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml