On Thu, Jan 5, 2012 at 8:30 AM, Greg Troxel <[email protected]> wrote: > > We believe that Windows and Mac OS X both produce build results that are > extremely difficult to verify. On Gnu/Linux sometimes the build results > are difficult to verify. > > I am not crystal clear on all the details, but NetBSD has recently > undergone a perhaps-similar effort, with the goal being that one should > be able to start with identical sources and get bit-identical binary > releases.
FreeBSD is undergoing the same process as well. > > Key elements include: > > Using a toolchain that is part of the source tree. > > Modifying the toolchain to not embed timestamps. > > Cleaning up everyplace else that allowed variation. Also include - Setting the random seeds for the compiler (ie -frandom-seed) - Stripping path information from the binaries. -- Eitan Adler _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
