add Build Environment Track reference

Signed-off-by: Tom Hennen <[email protected]>
slsa-framework · Dec 10, 2024 · 3f4a8a0 · 3f4a8a0
1 parent 0d66d1c
commit 3f4a8a0
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/docs/spec/draft/threats.md b/docs/spec/draft/threats.md
@@ -869,7 +869,9 @@ output artifact.
 *Mitigation:* This can be partially mitigated by treating build tooling,
 including OS images, as any other artifact to be verified prior to use.
 The threats described in this document apply recursively to build tooling
-as do the mitigations and examples.
+as do the mitigations and examples.  A future
+[Build Environment track](future-directions#build-environment-track) may
+provide more comprehensive guidance on how to address this threat.
 
 *Example:* MyPackage is a tarball containing an ELF executable, created by
 running `/usr/bin/tar` during its build process. An adversary compromises the