GNU Mes rebuild is definitely an application of DDC!
vagrant at reproducible-builds.org
Mon Oct 12 23:28:17 UTC 2020
On 2020-10-12, David A. Wheeler wrote:
> In the discussion today I was pointed to this awesome post about
> creating a reproducible bootstrap of the GNU Mes C compiler:
> I was asked if this counted as an application of Diverse
> Double-Compiling (DDC). Unless I’m grossly misunderstanding something,
> that is *definitely* an application of DDC! Different compilers are
> being used with the same source code in a special way to verify that
> the results are bit-for-bit identical. That’s what DDC is all
> The compilers being used in the DDC process aren’t as diverse
> as one might like, so there are limits to the result (as discussed in
> section 6 of my dissertation).
> But that’s definitely the real deal. In fact, it shows how DDC &
> reproducible builds can work together to provide a very strong
> countermeasure against the trusting trust attack & other kinds of
> maliciously subverted executables.
> I wrote a summary explaining it here:
That sums it up very nicely, thanks!
> If I missed anything, or if anything is wrong, let me know.
Some minor typos:
s/GNU MeS/GNU Mes/
s/distributions GNU Guix, Nix and Debian)/distributions (GNU Guix, Nix and Debian)/
> But I think it’s worth noting that this really is an application of
> DDC to gain confidence in a reproducible bootstrap.
Thanks for following up and the good conversation on IRC.
Now we need to step up our compiler diversity and OS diversity for for
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 227 bytes
Desc: not available
More information about the rb-general