From: "Carsten P. Gehrke" <Carsten@rollinghorse.com>
To: Dean Anderson <dean@av8.com>, Russell Coker <russell@coker.com.au>
Cc: Charlie Watts <st_possenti@yahoo.com>, <selinux@tycho.nsa.gov>
Subject: Re: Linuxfromscratch.org
Date: Wed, 23 Jul 2003 08:09:49 -0700 [thread overview]
Message-ID: <5.1.1.6.2.20030723080629.0a198680@Shire> (raw)
In-Reply-To: <Pine.LNX.4.44.0307221644010.21542-100000@vista.av8.net>
At 13:49 22-07-03, Dean Anderson wrote:
>if you are looking for integrity, Linuxfromscratch is just the start.
>
>You have to come up with a way to exclude Kerningan-style compiler hacks,
>and similar OS hacks from being inserted into the "clean" source build.
>
>Kernigan, as some will remember, early in Unix days (70s), altered the
>compiler to include a backdoor in login when it compiled login.c, and
>altered the compiler to insert the backdoor-inserter whenever it compiled
>itself. So even if you recompiled Unix from scratch from clean source,
>you still had a backdoor. I think even if you retargeted the compiler, it
>still inserted to the apprpropriate backdoor-inserter. A similar hack can
>be done at the OS level.
>
> --Dean
Is this true of the GNU C compiler suite as well? And if so, would it not
be possible to remove it from the compiler? How does it work? Does it
look at the code, or is anything called login.c susceptible? Why has this
not been removed in the open-source code? How can I check to see if this
backdoor exists?
TIA,
Carsten
--
========================================================================
Carsten P. Gehrke
mailto:Carsten@RollingHorse.com
========================================================================
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2003-07-23 15:05 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-07-22 1:42 Linuxfromscratch.org Charlie Watts
2003-07-22 20:06 ` Linuxfromscratch.org Russell Coker
2003-07-22 20:49 ` Linuxfromscratch.org Dean Anderson
2003-07-23 15:09 ` Carsten P. Gehrke [this message]
2003-07-23 15:44 ` Linuxfromscratch.org Russell Coker
2003-07-23 20:01 ` Linuxfromscratch.org Dale Amon
2003-07-23 21:24 ` Linuxfromscratch.org Dean Anderson
2003-07-23 19:34 ` Linuxfromscratch.org karlm
2003-07-23 22:08 ` Linuxfromscratch.org Dean Anderson
2003-07-24 14:06 ` Linuxfromscratch.org Dale Amon
2003-07-24 14:16 ` Linuxfromscratch.org Dale Amon
2003-07-24 14:18 ` Linuxfromscratch.org Dale Amon
2003-07-24 17:40 ` Linuxfromscratch.org Colin Walters
2003-07-24 18:52 ` Linuxfromscratch.org Dean Anderson
2003-07-27 15:28 ` Linuxfromscratch.org Tom
2003-07-27 20:13 ` Linuxfromscratch.org Colin Walters
2003-07-28 17:17 ` Linuxfromscratch.org Tom
2003-07-24 19:42 ` Linuxfromscratch.org Russell Coker
2003-07-27 15:19 ` Linuxfromscratch.org Tom
2003-07-23 20:26 ` Linuxfromscratch.org Lukasz Luzar
2003-07-24 0:29 ` Linuxfromscratch.org Dale Amon
2003-07-24 6:39 ` Linuxfromscratch.org Brian May
2003-07-24 12:32 ` Linuxfromscratch.org Dale Amon
2003-07-23 1:17 ` Linuxfromscratch.org Carsten P. Gehrke
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5.1.1.6.2.20030723080629.0a198680@Shire \
--to=carsten@rollinghorse.com \
--cc=dean@av8.com \
--cc=russell@coker.com.au \
--cc=selinux@tycho.nsa.gov \
--cc=st_possenti@yahoo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.