From: Tom Tromey
To: Florian Weimer
Cc: Guinevere Larsen via Overseers, Sandra Loosemore, Mark Wielaard, Guinevere Larsen, gcc@gcc.gnu.org, binutils@sourceware.org, gdb@sourceware.org, libc-alpha@sourceware.org
Subject: Re: Sourceware mitigating and preventing the next xz-backdoor
Date: Wed, 03 Apr 2024 08:04:59 -0600

>>>>> "Florian" == Florian Weimer writes:

Florian> Everyone still pushes their own patches, and there are no
Florian> technical countermeasures in place to ensure that the pushed version is
Florian> the reviewed version.

This is a problem for gdb as well.

Probably we should switch to some kind of pull-request model, where
patches can only be landed via the UI, after sufficient review; and
where all generated files are regenerated by the robot before checkin.
(Or alternatively some CI runs and rejects patches where they don't
match.)

Tom
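
The CI alternative mentioned in the message above, sketched as an added example; it is not part of the original message and not Sourceware or gdb tooling. It rebuilds each generated file in a scratch copy of the tree and reports any whose committed bytes differ. The function names, the generators mapping, gen.py, words.txt and table.h are all constructed for illustration.

```python
import hashlib
import shutil
import subprocess
import sys
import tempfile
from pathlib import Path

# Constructed sample generator, standing in for a real one such as autoconf.
GEN_PY = r'''import pathlib
words = pathlib.Path("words.txt").read_text().split()
lines = ["#define W_%s 1\n" % w.upper() for w in words]
pathlib.Path("table.h").write_text("".join(lines))
'''

def digest(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()

def stale_generated_files(tree: Path, generators: dict[str, list[str]]) -> list[str]:
    """Return generated files whose committed bytes differ from a fresh rebuild.

    `generators` (an assumption of this example) maps each generated file,
    relative to `tree`, to the command that rebuilds it from reviewed sources.
    """
    stale = []
    with tempfile.TemporaryDirectory() as scratch:
        work = Path(scratch) / "tree"
        shutil.copytree(tree, work)              # leave the submitted tree untouched
        for rel, cmd in sorted(generators.items()):
            (work / rel).unlink(missing_ok=True)  # force a real rebuild
            subprocess.run(cmd, cwd=work, check=True)
            committed, rebuilt = tree / rel, work / rel
            if not (committed.exists() and rebuilt.exists()
                    and digest(committed) == digest(rebuilt)):
                stale.append(rel)
    return stale

def demo() -> tuple[list[str], list[str]]:
    """Check a constructed tree as committed, then with a hand-edited output."""
    with tempfile.TemporaryDirectory() as d:
        tree = Path(d)
        (tree / "gen.py").write_text(GEN_PY)
        (tree / "words.txt").write_text("alpha beta\n")
        generators = {"table.h": [sys.executable, "gen.py"]}
        subprocess.run(generators["table.h"], cwd=tree, check=True)
        clean = stale_generated_files(tree, generators)
        with open(tree / "table.h", "a") as f:    # edit that bypasses the generator
            f.write("#define W_EXTRA 1\n")
        return clean, stale_generated_files(tree, generators)

if __name__ == "__main__":
    print("clean tree: %s, tampered tree: %s" % demo())
```

A non-empty result fails the job. The generator commands execute code from the submitted tree, so the check belongs inside the same sandbox as the rest of the CI build.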