From mboxrd@z Thu Jan 1 00:00:00 1970
List-Id: Gentoo Linux mail
Reply-to: gentoo-amd64@lists.gentoo.org
Date: Thu, 7 Aug 2014 12:38:07 -0700
In-Reply-To:
References: <46751df7496f4e4f97fb23e10fc9f5b4@mail10.futurewins.com> <53E39D0E.5020808@maxandcarrie.com>
Message-ID:
Subject: Re: [gentoo-amd64] Re: "For What It's Worth" (or How do I know my Gentoo source code hasn't been messed with?)
From: Mark Knecht
To: Gentoo AMD64
Content-Type: text/plain; charset=UTF-8

On Thu, Aug 7, 2014 at 10:20 AM, Duncan <1i5t5.duncan@cox.net> wrote:
> Lie Ryan posted on Fri, 08 Aug 2014 02:06:14 +1000 as excerpted:
>
>> With you having to compile thousands of things if you build from stage
>> 1, I doubt that you will be able to verify every single thing you
>> compile and detect if something is actually doing sneaky stuff AND still
>> have the time to enjoy your system. Also, even if you build from stage 1
>> and manage to verify all the source code, you still need to download a
>> precompiled compiler which could possibly inject the malicious code into
>> the programs it compiles, and which can also inject itself if you try to
>> compile another compiler from source. If there is a single piece of software
>> that is worth a gold mine to inject with malware to gain illicit access to
>> all Linux systems, then it would be gcc. Once you infect a compiler,
>> you're invincible.
>
> Actually, that brings up a good question. The art of compiling is
> certainly somewhat magic to me tho I guess I somewhat understand the
> concept in a vague, handwavy way, but...
>
> So anyway, to the gcc experts that know, and to non-gcc CS folks who have
> actually built their own simple compilers and can at least address the
> concept, is a previous gcc or other full compiler actually required to
> build a new gcc, or does it sufficiently bootstrap itself from the more
> basic tools such that unlike most code, it doesn't actually need a full
> compiler to build and reasonably optimize at all? That's a question I've
> had brewing in the back of my mind for some time, and this seemed the
> perfect opportunity to ask it. =:^)
>

And beyond Duncan's question (good question!)
if I try to rebuild gcc like it was an empty box using my current machine
I see this sort of thing, where gcc is about the 350th of 385 packages
getting built. It seems to me that _any_ package that has programs running
at the same or higher level as emerge could be hacked and control what's
actually placed on the machine. It's an endless problem if you cannot trust
anything, and for most people, and certainly for me, unverifiable the way
the tools work today.

c2RAID6 ~ # emerge -pve gcc

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild R ] app-arch/xz-utils-5.0.5-r1 USE="nls threads -static-libs" ABI_X86="(64) (-32) (-x32)" 1,276 kB
[ebuild R ] virtual/libintl-0-r1 ABI_X86="(64) -32 (-x32)" 0 kB
[ebuild R ] app-arch/bzip2-1.0.6-r6 USE="-static -static-libs" ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] dev-libs/expat-2.1.0-r3 USE="unicode -examples -static-libs" ABI_X86="(64) (-32) (-x32)" 550 kB
[ebuild R ] virtual/libiconv-0-r1 ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] dev-lang/python-exec-2.0.1-r1:2 PYTHON_TARGETS="(jython2_5) (jython2_7) (pypy) (python2_7) (python3_2) (python3_3) (-python3_4)" 0 kB
[ebuild R ] sys-devel/gnuconfig-20140212 0 kB
[ebuild R ] media-libs/libogg-1.3.1 USE="-static-libs" ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] app-misc/mime-types-9 16 kB
[ebuild R ] sys-apps/baselayout-2.2 USE="-build" 40 kB
[ebuild R ] sys-devel/gcc-config-1.7.3 15 kB
[ebuild R ] media-libs/phonon-4.6.0-r1 USE="gstreamer (-aqua) -debug -pulseaudio -vlc (-zeitgeist)" 275 kB
[ebuild R ] sys-libs/glibc-2.19-r1:2.2 USE="(multilib) -debug -gd (-hardened) -nscd -profile (-selinux) -suid -systemtap -vanilla" 0 kB
[ebuild R ] sys-devel/gcc-4.7.3-r1:4.7 USE="cxx fortran (multilib) nls nptl openmp (-altivec) -awt -doc (-fixed-point) -gcj -go -graphite (-hardened) (-libssp) -mudflap (-multislot) -nopie -nossp -objc -objc++ -objc-gc -regression-test -vanilla" 81,022 kB
[ebuild R ] sys-libs/pam-1.1.8-r2 USE="berkdb cracklib nls -audit -debug -nis (-selinux) {-test} -vim-syntax" ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] dev-db/mysql-5.1.70 USE="community perl ssl -big-tables -cluster -debug -embedded -extraengine -latin1 -max-idx-128 -minimal -pbxt -profiling (-selinux) -static {-test} -xtradb" 24,865 kB
[ebuild R ] sys-devel/llvm-3.3-r3:0/3.3 USE="libffi static-analyzer xml -clang -debug -doc -gold -multitarget -ocaml -python {-test} -udis86" ABI_X86="(64) (-32) (-x32)" PYTHON_TARGETS="python2_7 (-pypy) (-pypy2_0%) (-python2_6%)" VIDEO_CARDS="-radeon" 0 kB
[ebuild R ] media-libs/mesa-10.0.4 USE="classic egl gallium llvm nptl vdpau xvmc -bindist -debug -gbm -gles1 -gles2 -llvm-shared-libs -opencl -openvg -osmesa -pax_kernel -pic -r600-llvm-compiler (-selinux) -wayland -xa" ABI_X86="(64) (-32) (-x32)" VIDEO_CARDS="(-freedreno) -i915 -i965 -ilo -intel -nouveau -r100 -r200 -r300 -r600 -radeon -radeonsi -vmware" 0 kB
[ebuild R ] x11-libs/cairo-1.12.16 USE="X glib opengl svg xcb (-aqua) -debug -directfb -doc (-drm) (-gallium) (-gles2) -legacy-drivers -openvg (-qt4) -static-libs -valgrind -xlib-xcb" 0 kB
[ebuild R ] app-text/poppler-0.24.5:0/44 USE="cairo cxx introspection jpeg jpeg2k lcms png qt4 tiff utils -cjk -curl -debug -doc" 0 kB
[ebuild R ] media-libs/harfbuzz-0.9.28:0/0.9.18 USE="cairo glib graphite introspection truetype -icu -static-libs {-test}" ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] x11-libs/pango-1.36.5 USE="X introspection -debug" ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] x11-libs/gtk+-2.24.24:2 USE="introspection xinerama (-aqua) -cups -debug -examples {-test} -vim-syntax" ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] x11-libs/gtk+-3.12.2:3 USE="X introspection xinerama (-aqua) -cloudprint -colord -cups -debug -examples {-test} -vim-syntax -wayland" 0 kB
[ebuild R ] dev-db/libiodbc-3.52.7 USE="gtk" 1,015 kB
[ebuild R ] app-crypt/pinentry-0.8.2 USE="gtk ncurses qt4 -caps -static" 419 kB
[ebuild R ] dev-java/icedtea-bin-6.1.13.3-r3:6 USE="X alsa -cjk -cups -doc -examples -nsplugin (-selinux) -source -webstart" 0 kB
[ebuild R ] dev-libs/soprano-2.9.4 USE="dbus raptor redland virtuoso -debug -doc {-test}" 1,913 kB
[ebuild R ] app-crypt/gnupg-2.0.25 USE="bzip2 ldap nls readline usb -adns -doc -mta (-selinux) -smartcard -static" 0 kB
[ebuild R ] gnome-extra/polkit-gnome-0.105 304 kB
[ebuild R ] kde-base/kdelibs-4.12.5-r2:4/4.12 USE="acl alsa bzip2 fam handbook jpeg2k mmx nls opengl (policykit) semantic-desktop spell sse sse2 ssl udev udisks upower -3dnow (-altivec) (-aqua) -debug -doc -kerberos -lzma -openexr {-test} -zeroconf" 0 kB
[ebuild R ] sys-auth/polkit-kde-agent-0.99.0-r1:4 USE="(-aqua) -debug" LINGUAS="-ca -ca@valencia -cs -da -de -en_GB -eo -es -et -fi -fr -ga -gl -hr -hu -is -it -ja -km -lt -mai -ms -nb -nds -nl -pa -pt -pt_BR -ro -ru -sk -sr -sr@ijekavian -sr@ijekavianlatin -sr@latin -sv -th -tr -uk -zh_TW" 34 kB
[ebuild R ] kde-base/nepomuk-core-4.12.5:4/4.12 USE="exif pdf (-aqua) -debug -epub -ffmpeg -taglib" 0 kB
[ebuild R ] kde-base/katepart-4.12.5:4/4.12 USE="handbook (-aqua) -debug" 0 kB
[ebuild R ] kde-base/kdesu-4.12.5:4/4.12 USE="handbook (-aqua) -debug" 0 kB
[ebuild R ] net-libs/libproxy-0.4.11-r2 USE="kde -gnome -mono -networkmanager -perl -python -spidermonkey {-test} -webkit" ABI_X86="(64) (-32) (-x32)" PYTHON_TARGETS="python2_7" 0 kB
[ebuild R ] kde-base/nepomuk-widgets-4.12.5:4/4.12 USE="(-aqua) -debug" 0 kB
[ebuild R ] kde-base/khelpcenter-4.12.5:4/4.12 USE="(-aqua) -debug" 0 kB
[ebuild R ] net-libs/glib-networking-2.40.1-r1 USE="gnome libproxy ssl -smartcard {-test}" ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] net-libs/libsoup-2.46.0-r1:2.4 USE="introspection ssl -debug -samba {-test}" ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] media-plugins/gst-plugins-soup-0.10.31-r1:0.10 ABI_X86="(64) (-32) (-x32)" 0 kB
[ebuild R ] media-libs/phonon-gstreamer-4.6.3 USE="alsa network -debug" 71 kB

Total: 385 packages (385 reinstalls), Size of downloads: 355,030 kB
c2RAID6 ~ #
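One concrete check behind the thread's title question, as an added example that is not from this thread or from Portage's own code: verifying a downloaded distfile against the DIST lines of the ebuild's Manifest (declared size plus one digest per listed algorithm). The DIST line layout is the Portage Manifest one; the tarball bytes, the digests and the file name are constructed sample data, and an algorithm the local Python cannot compute is reported as unchecked rather than silently passed.

```python
import hashlib

def parse_manifest(text):
    """Return {filename: (size, {ALGO: hexdigest})} from a Manifest's DIST lines.
    EBUILD/MISC/AUX lines describe the ebuild tree itself and are skipped."""
    entries = {}
    for line in text.splitlines():
        fields = line.split()
        # A DIST line reads: DIST <file> <size> <ALGO> <hex> [<ALGO> <hex> ...]
        if len(fields) < 5 or fields[0] != "DIST" or len(fields) % 2 == 0:
            continue
        digests = {fields[i].upper(): fields[i + 1].lower()
                   for i in range(3, len(fields), 2)}
        entries[fields[1]] = (int(fields[2]), digests)
    return entries

def verify_distfile(entry, data):
    """Check a distfile's bytes against one Manifest entry.
    Returns (problems, unchecked): problems lists size/digest mismatches (empty
    means all checkable fields matched); unchecked lists algorithms this Python
    build cannot compute, which must never be counted as verified."""
    size, digests = entry
    problems, unchecked = [], []
    if len(data) != size:
        problems.append(f"size {len(data)} != {size}")
    for algo, expected in digests.items():
        try:
            actual = hashlib.new(algo.lower(), data).hexdigest()
        except ValueError:  # algorithm not available in this build
            unchecked.append(algo)
            continue
        if actual != expected:
            problems.append(f"{algo} mismatch")
    return problems, unchecked

def check(name, data, manifest_text):
    entries = parse_manifest(manifest_text)
    if name not in entries:
        return [f"no DIST entry for {name}"], []
    return verify_distfile(entries[name], data)

# Constructed sample data: a stand-in tarball and a Manifest generated for it.
GOOD = b"constructed stand-in for the gcc-4.7.3 source tarball\n"
MANIFEST = (
    f"DIST gcc-4.7.3.tar.bz2 {len(GOOD)} SHA256 {hashlib.sha256(GOOD).hexdigest()}"
    f" SHA512 {hashlib.sha512(GOOD).hexdigest()}\n"
    "EBUILD gcc-4.7.3-r1.ebuild 1234 SHA256 0000\n"
)
TAMPERED = GOOD[:-2] + b"!\n"  # same size as GOOD, different bytes
```

This catches a corrupted or swapped tarball, but it only moves the trust question to the Manifest and the tree it came from and, as the thread points out, to the tools running the check.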