Debian Planet








Welcome to Debian Planet

Search

All your woody are (not quite, but very very very soon) belong to us.
Main Menu

  • Home

  • Topics

  • Web Links

  • Your Account

  • Submit News

  • Stats

  • Top 10

  • Debian

    These are important Debian sites one should not be without!

  • Official Debian site

  • Package search

  • Mailing list archives

  • Bug reports

  • Debian on CD

  • Unofficial woody CD ISOs

  • Unofficial APT sources

  • Developers’ Corner

    Other great Debian news sources:

  • Debian Weekly News

  • Kernel Cousin Debian

    (Debian mailing lists digested)
  • Community Groups

    Need help? You’re not alone on this planet.

  • debianHELP

    (User support site)

  • Debian International

  • DebianForum.de

    (Deutsch)

  • EsDebian

    (español)

  • DebianWorld

    (français)

  • MaximumDebian

    (Italiano)

  • DebianUsers

    (Korean)

  • Debian-BR

    (Português)

  • IRC

    The place to get help on a Debian problem (after reading docs) or to just chat and chill is #debian on irc.debian.org.

    Many of the Debian Planet staff live there so pop by and say hello.

    Wanna write?

    Got that latest or greatest scoop? Perhaps you have some important news for the Debian community? Submit a news item!

    Or perhaps you’ve written a rather ground breaking insight into some aspect of Debian and you feel compelled to share it with others? Knock up a longer editorial article and send it to the editors.

    Sponsorship

    DP is sponsored by Xinit Systems and kieser.net.

    Domains paid for and hosted by uklinux.net.

    Buy your Debian merchandise at DebianShop.com.

    Who’s Online

    There are currently, 54 guest(s) and 6 member(s) that are online.

    You are Anonymous user. You can register for free by clicking here.

      
    Threshold


    The comments are owned by the poster. We aren’t responsible for their content.

    Debian would be my favourite if.. (Re: Debian from source) (Score: 1, Insightful)
    by Anonymous on Wednesday, May 22 @ 02:00:43 BST

    Oh, yes. “This md5sum verifies that the source is indeed the original trojan as published by the author!”

    If you don’t know what the code is, you can’t trust it.

    Besides, anyone remember that gcc hack some guy pulled off: he made gcc always specially detect when login was being compiled, and secretly added a backdoor, even if the login code was clean. Then he modified it so that this hack in gcc would be inserted into a gcc binary, even with clean gcc source.

    Now, since you have to have basic binaries to start a source installation, you could very well end up with a hacked gcc. Then, you could go and grab gresh gcc sources, built those with the hacked gcc, and it would produce a hacked gcc binary (even tho the sources are clean). You’d then blindy trust your built gcc, and use it to compile a nice clean login source, and end up with a hacked login.

    So, with that initial binary download, you can check the md5sum of the sources you compile all you want, and still be fscked.

    [ No Comments Allowed for Anonymous, please register | Parent ]


    Based on: PHP-Nuke

    All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2000 by Debian Planet

    You can syndicate our news using the file backend.php.