[petsc-dev] Fwd: [petsc-maint #119133] petsc-dev configure crash

Jed Brown jedbrown at mcs.anl.gov
Wed Jun 6 11:26:37 CDT 2012

On Wed, Jun 6, 2012 at 11:24 AM, Barry Smith <bsmith at mcs.anl.gov> wrote:

> With all the other unneeded bells and whistles in hg, why doesn't it have
> a mechanism where WE can put this post-pull business into the repository
> instead of telling each user to do that?

Massive security hole?

Sometimes I like to be able to look at code without running it. I've seen
"make" run "rm -rf ..". Just because I don't trust someone doesn't mean I
don't want to look at their code. It would be a very bad thing for Hg to
run arbitrary code when someone clones.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mcs.anl.gov/pipermail/petsc-dev/attachments/20120606/f64242ce/attachment.html>

More information about the petsc-dev mailing list