Update docs/spec/draft/threats.md

Co-authored-by: Trishank Karthik Kuppusamy <[email protected]> Signed-off-by: Tom Hennen <[email protected]>
slsa-framework · Dec 10, 2024 · 610d57c · 610d57c
1 parent 520b5e7
commit 610d57c
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/docs/spec/draft/threats.md b/docs/spec/draft/threats.md
@@ -883,7 +883,7 @@ MyPackage artifact.  Solution: [apply SLSA recursively] to all build tools
 prior to the build.  The build platform verifies the disk image,
 or the individual components on the disk image, against the associated
 provenance or VSAs prior to running a build.  Depending on where the initial
-compromise took place the modified `/usr/bin/tar` will fail this verification.
+compromise took place (i.e. before/during vs _after_ the build of the build tool itself), the modified `/usr/bin/tar` will fail this verification.
 
 </details>