For cmake this should be much less of a (security) concern as it is a build-system generator only: it does not change the distro build tools, viz., make / gcc / binutils - which are used during the actual build.
Users of buster/16.04/18.04 can use 3.31 from Kitware - the generated Makefiles can be vetted. One advantage of cmake is that the output directory is outside the source tree, which can be mounted read-only!
Compiling a specific app from sources usually gets reviewed and approved if that system is designated for running it. But changing the default build tools and other packaged libs is hardly accepted because they affect the entire system and they are more security sensitive than a single app.