Hi;
On 12/21/16 11:54, Pedro Giffuni wrote:
Hello;
It would be important to work on Reproducible builds:
https://reproducible-builds.org/
The first issue to be resolved is that the executable should NOT carry
the date it was built. We could carry the SVN revision value instead.
Perhaps
Hello;
It would be important to work on Reproducible builds:
https://reproducible-builds.org/
The first issue to be resolved is that the executable should NOT carry
the date it was built. We could carry the SVN revision value instead.
Perhaps someone may be interested in hunting down here
checksums we generate actually have a meaning?
Can people downloading the source code actually rebuild the application and
obtain the same checksum we are asking them to trust? Proponents of
reproducible builds mention the case of tainted toolchains, like the trojanized
SDK that recently hit a mobile
