From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andreas Enge Subject: Re: How to reduce our vulnerability from self-hosted compilers Date: Fri, 27 Feb 2015 22:12:51 +0100 Message-ID: <20150227211251.GA18401@debian> References: <87385s8di2.fsf@netris.org> <87r3tbsk79.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:38959) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YRSDU-0004pU-HF for guix-devel@gnu.org; Fri, 27 Feb 2015 16:13:01 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YRSDQ-0005AI-3p for guix-devel@gnu.org; Fri, 27 Feb 2015 16:13:00 -0500 Content-Disposition: inline In-Reply-To: <87r3tbsk79.fsf@gnu.org> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org To: Ludovic =?iso-8859-15?Q?Court=E8s?= Cc: guix-devel@gnu.org Hello, your ideas sound good to me. As to Fede, it occurred to me that we would not need to maintain our own bootstrap binaries as we do for the guix system. Instead, we could add a fixed binary from upstream to the store (as a separate, probably private, package) and use it to build the final package. When updating to a newer version, we would keep the same binary bootstrap package. This would be an easier way of achieving your first goal. It would not, however, achieve your second goal, of creating new bootstrap binaries with the old ones, if necessary, and to thus obtain a complete "trust chain". But I think this would be the second step, and maybe too much effort for not so much effect. Let us implement the first step first, and then see where it leads us. Andreas