Update docs/spec/draft/threats.md

Signed-off-by: Zachariah Cox <[email protected]>
slsa-framework · Dec 4, 2024 · fcd0db8 · fcd0db8
1 parent 09883c2
commit fcd0db8
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/docs/spec/draft/threats.md b/docs/spec/draft/threats.md
@@ -132,7 +132,7 @@ Solution: Require review for such changes.
 *Example:* The intent of a producer is to require two-person review on "all changes except for documentation changes," defined as those only modifying `.md` files.
 Adversary submits a malicious executable named `evil.md` and a code review is not required due to the exception.
 Technically, the intent of the producer was followed and the produced malicious revision meets all defined policies.
-Solution: Do not allow such exceptions.
+Solution: The producer adjusts the rules to prohibit such exceptions.
 
 </details>