[rb-general] Question about reproducible builds for PaX/Grsecurity
Chris Lamb
lamby at debian.org
Thu Jun 22 17:13:33 CEST 2017
Hi Ximin,
> it might be worth using the SHA256 sum of the whole
> debian/changelog file
[…]
> This may prevent or make it harder, for attackers to predict values *in
* advance* and calculate rainbow tables
Oh wow, I would had never thought of this. Now I'm racking my brain
wondering whether I have sent any patches that could be problematic
in this way.
Thanks for sharing. :)
Regards,
--
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` lamby at debian.org / chris-lamb.co.uk
`-
More information about the rb-general
mailing list