[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Deterministic builds?



On Thu, Jan 5, 2012 at 8:30 AM, Greg Troxel <gdt@xxxxxxxxxxxxxxx> wrote:
>
> ÂWe believe that Windows and Mac OS X both produce build results that are
> Âextremely difficult to verify. On Gnu/Linux sometimes the build results
> Âare difficult to verify.
>
> I am not crystal clear on all the details, but NetBSD has recently
> undergone a perhaps-similar effort, with the goal being that one should
> be able to start with identical sources and get bit-identical binary
> releases.

FreeBSD is undergoing the same process as well.

>
> Key elements include:
>
> ÂUsing a toolchain that is part of the source tree.
>
> ÂModifying the toolchain to not embed timestamps.
>
> ÂCleaning up everyplace else that allowed variation.

Also include
- Setting the random seeds for the compiler (ie -frandom-seed)

- Stripping path information from the binaries.





-- 
Eitan Adler
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk