[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Packages removed from frozen

>>"Antti-Juhani" == Antti-Juhani Kaijanaho <gaia@iki.fi> writes:

 Antti-Juhani> According to http://www.acm.org/classics/sep95/ it seems it was.

 Antti-Juhani> But in my opinion, if we rely on GCC not having that
 Antti-Juhani> (or a similar) hack, we have a `single - hard to verify
 Antti-Juhani> - point of failure.  

        Trust me. Unless the author of the trojan hack has already
 infected Digital UNIX cc, HPUX cc, AIX cc, there is not trojan
 carried through purely in the binary. (Oh, and the digital unic CC
 was also bootstrapped with the VMS CC)

        Did you think I would give teh dispensation to gcc so easily?
 Any such trojan, in gcc, has to be present in the source code. And
 people who are paranoid enough can do a security audit with out being
 blind sided by a binary only trojan.

 Nature gave man two ends--one to sit on and one to think with.  Ever
 since then man's success or failure has been dependent on the one he
 used most. George R. Kirkpatrick
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to: