Message-ID: <12215cd2-16db-4ee4-bd98-6a4bcf318592@cs.ucla.edu>
Date: Tue, 2 Apr 2024 13:03:26 -0700
Subject: Re: Sourceware mitigating and preventing the next xz-backdoor
To: Sandra Loosemore, Mark Wielaard, overseers@sourceware.org
Cc: gcc@gcc.gnu.org, binutils@sourceware.org, gdb@sourceware.org, libc-alpha@sourceware.org
References: <20240329203909.GS9427@gnu.wildebeest.org> <20240401150617.GF19478@gnu.wildebeest.org>
From: Paul Eggert
Organization: UCLA Computer Science Department

On 4/2/24 12:54, Sandra Loosemore wrote:
> Do we to harden our process, too, to require all patches to be signed
> off by someone else before committing?

It's easy for an attacker to arrange to have "someone else" in cahoots.
Although signoffs can indeed help catch inadvertent mistakes, they're relatively useless against determined attacks of this form, and we must assume that nation-state attackers will be determined.