You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Allowing native code to run on anybody's machine is dangerous.
Currently download_libs.sh doesn't contain md5 checksums. IMHO this is necessary.
Ideally a developer should never add those to native folder but actually only it should be done via CI upon verification of md5 checksums
There could be other measures / ideas taken for this but the things above should be minimum, especially that project is from cryptocurrency / where trojan horses stealing things like wallet passwords are common.
The text was updated successfully, but these errors were encountered:
Allowing native code to run on anybody's machine is dangerous.
There could be other measures / ideas taken for this but the things above should be minimum, especially that project is from cryptocurrency / where trojan horses stealing things like wallet passwords are common.
The text was updated successfully, but these errors were encountered: