From owner-freebsd-security@FreeBSD.ORG  Thu Oct 27 05:21:38 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0F4E016A41F;
	Thu, 27 Oct 2005 05:21:38 +0000 (GMT) (envelope-from bde@zeta.org.au)
Received: from mailout1.pacific.net.au (mailout1.pacific.net.au [61.8.0.84])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 62C5E43D45;
	Thu, 27 Oct 2005 05:21:37 +0000 (GMT) (envelope-from bde@zeta.org.au)
Received: from mailproxy2.pacific.net.au (mailproxy2.pacific.net.au
	[61.8.0.87])
	by mailout1.pacific.net.au (8.13.4/8.13.4/Debian-3) with ESMTP id
	j9R5L5Bf011779; Thu, 27 Oct 2005 15:21:05 +1000
Received: from katana.zip.com.au (katana.zip.com.au [61.8.7.246])
	by mailproxy2.pacific.net.au (8.13.4/8.13.4/Debian-3) with ESMTP id
	j9R5L2kE017839; Thu, 27 Oct 2005 15:21:03 +1000
Date: Thu, 27 Oct 2005 15:21:02 +1000 (EST)
From: Bruce Evans <bde@zeta.org.au>
X-X-Sender: bde@delplex.bde.org
To: "M. Warner Losh" <imp@bsdimp.com>
In-Reply-To: <20051025.231729.26928360.imp@bsdimp.com>
Message-ID: <20051027151929.K24217@delplex.bde.org>
References: <20051023232935.GC602@dragon.NUXI.org>
	<20051024080811.GF39882@cirb503493.alcatel.com.au>
	<20051024064605.A44523@cons.org>
	<20051025.231729.26928360.imp@bsdimp.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: developers@freebsd.org, PeterJeremy@optushome.com.au,
	freebsd-security@freebsd.org, cracauer@cons.org, delphij@delphij.net
Subject: Re: Is it feasible to cross-build compat5x binary?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Oct 2005 05:21:38 -0000

On Tue, 25 Oct 2005, M. Warner Losh wrote:

> In message: <20051024064605.A44523@cons.org>
>            Martin Cracauer <cracauer@cons.org> writes:
> : ELF object files are timestamped.  But there's some elf-cmp out there.
>
> Elf .o's are timestampped,

Script started on Thu Oct 27 15:17:31 2005
ttyv2:bde@epsplex:/tmp/z> echo "int i = 1;" >z.c
ttyv2:bde@epsplex:/tmp/z> cc -c z.c
ttyv2:bde@epsplex:/tmp/z> mv z.o z.o~
ttyv2:bde@epsplex:/tmp/z> cc -c z.c
ttyv2:bde@epsplex:/tmp/z> md5 z.o~ z.o
MD5 (z.o~) = c92e2bbb5a0e8b4f05eced238762dde1
MD5 (z.o) = c92e2bbb5a0e8b4f05eced238762dde1
ttyv2:bde@epsplex:/tmp/z> cmp z.o~ z.o
ttyv2:bde@epsplex:/tmp/z> exit

Script done on Thu Oct 27 15:18:14 2005

> but Elf executables are 100% reproducible,
> except when people go out of their way to not make them so.  Like
> adding the date or person builder.

True.

Bruce