Re: Bootstrap binaries

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bootstrap binaries

From:	Ludovic Courtès
Subject:	Re: Bootstrap binaries
Date:	Sun, 28 Feb 2016 16:08:00 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

Jookia <address@hidden> skribis:

> On Sat, Feb 27, 2016 at 12:19:04AM +0100, Ludovic Courtès wrote:
>> I prefer to change those binaries as rarely as possible.  Intuitively
>> (and unscientifically), it gives more confidence to keep using the same
>> old binaries wrt. Ken Thompson attacks.
>
> I'm not sure about that, if we could establish the binaries could be
> reproducibly built using the current bootstrap binaries it sounds like it 
> could
> be fine. Having reproducible bootstrap binaries seems like something 
> incredibly
> useful especially for packagers that for whatever reason want to verify that 
> the
> binaries can be built with Guix before signing them.

We would have to update them every time we change GCC, Guile, Coreutils,
etc. or one of their dependencies, which sounds impractical or even
infeasible to me.

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: GSoC ideas, (continued)

Prev by Date: Re: [PATCH] Add einstein.
Next by Date: Re: Bootstrap binaries
Previous by thread: Re: Bootstrap binaries
Next by thread: Re: Bootstrap binaries
Index(es):
- Date
- Thread