Martin Uecker <[EMAIL PROTECTED]> writes:
> Patrick Winnertz wrote:
>> Am Dienstag, 18. September 2007 21:12:44 schrieb Julien Cristau:
>> > > Hmmhh, what do you do about programs etc that encode the build-time in
>> > > the binary? I mean they obviously will change between builds?
>> >
>> > Hopefully they don't encode the build-time in the file list?
>> We checked not for files which differ, but only for files which are missing
>> in the first package. or which are missing in the second package.
>>
>
> I think it would be really cool if the Debian policy required
> that packages could be rebuild bit-identical from source.
> At the moment, it is impossible to independly verify the
> integricity of binary packages.
>
>
> Greetings,
> Martin
Some tools use randomization to get out of worst case situations or
general optimization. For example when you look for an optimal
allocation of register usage you can do a search by picking a random
register allocation and repeat that a few thousand times to find a
suitable minimum. Or a randomized heap that gives you O(1) time for
all operations instead of O(lg n).
By requiring bit-to-bit identical results you eliminate all such
randomness and could seriously hinder the algorithm available for
tools.
Plus any bugfix in a tool will likely break it anyway as mentioned in
other mails.
MfG
Goswin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
