Re: Packages removed from frozen
>>"Antti-Juhani" == Antti-Juhani Kaijanaho <gaia@iki.fi> writes:
Antti-Juhani> According to http://www.acm.org/classics/sep95/ it seems it was.
Antti-Juhani> But in my opinion, if we rely on GCC not having that
Antti-Juhani> (or a similar) hack, we have a `single - hard to verify
Antti-Juhani> - point of failure.
Trust me. Unless the author of the trojan hack has already
infected Digital UNIX cc, HPUX cc, AIX cc, there is not trojan
carried through purely in the binary. (Oh, and the digital unic CC
was also bootstrapped with the VMS CC)
Did you think I would give teh dispensation to gcc so easily?
Any such trojan, in gcc, has to be present in the source code. And
people who are paranoid enough can do a security audit with out being
blind sided by a binary only trojan.
manoj
--
Nature gave man two ends--one to sit on and one to think with. Ever
since then man's success or failure has been dependent on the one he
used most. George R. Kirkpatrick
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: