Re: Packages removed from frozen
On Wed, Feb 09, 2000 at 01:08:52PM +0100, Nils Jeppe wrote:
> On 9 Feb 2000, Manoj Srivastava wrote:
> > Read about the C compiler that included a binary trojan when
> > it compiled itself (without the troan ever appearing in the source
> > code), or when it compiled login, to see what I mean.
> Well but that was afaik never put into practice. ;)
According to http://www.acm.org/classics/sep95/ it seems it was.
But in my opinion, if we rely on GCC not having that (or a similar) hack,
we have a single - hard to verify - point of failure. With several
independently bootstrapped compilers it's harder to infect the whole
system by cracking a compiler.
%%% Antti-Juhani Kaijanaho % email@example.com % http://www.iki.fi/gaia/ %%%