[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: maradns reproducibility fixes and the merits of picking a random num
|
From: |
Ludovic Courtès |
|
Subject: |
Re: maradns reproducibility fixes and the merits of picking a random number |
|
Date: |
Tue, 07 Jun 2022 17:15:00 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.1 (gnu/linux) |
Hi,
Vagrant Cascadian <vagrant@reproducible-builds.org> skribis:
> But there's one nervous-making issue this revealed; maradns embeds a
> random number at build time ... allegedly for systems that don't have
> /dev/urandom... see
> maradns-3.5.0020/deadwood-3.5.0020/src/Makefile.ubuntu2004:
>
> # Since some systems may not have /dev/urandom (Windows, *cough* *cough*),
> we
> # keep a randomly generated prime around
>
> So it's got some code to generate a random number at build time and
> embed it in the binary. Now, if there's anything I know about good
> practices about random numbers, this sort of thing is generally a very
> large red flag! It also makes the package build differently every time!
Woow. Reproducibility work lets you uncover issues you wouldn’t think of!
Ludo’.
- Re: maradns reproducibility fixes and the merits of picking a random number, (continued)
- Re: maradns reproducibility fixes and the merits of picking a random number, Vagrant Cascadian, 2022/06/08
- Re: maradns reproducibility fixes and the merits of picking a random number, Vagrant Cascadian, 2022/06/22
- Re: maradns reproducibility fixes and the merits of picking a random number, Vagrant Cascadian, 2022/06/27
- Re: maradns reproducibility fixes and the merits of picking a random number, Efraim Flashner, 2022/06/28
- Re: maradns reproducibility fixes and the merits of picking a random number, Jack Hill, 2022/06/28
- Re: maradns reproducibility fixes and the merits of picking a random number, Tobias Geerinckx-Rice, 2022/06/28
- Re: maradns reproducibility fixes and the merits of picking a random number, Gábor Boskovits, 2022/06/28
- Re: maradns reproducibility fixes and the merits of picking a random number, Vagrant Cascadian, 2022/06/28
- Re: maradns reproducibility fixes and the merits of picking a random number, Tobias Geerinckx-Rice, 2022/06/28
- Re: maradns reproducibility fixes and the merits of picking a random number, Tobias Geerinckx-Rice, 2022/06/28
Re: maradns reproducibility fixes and the merits of picking a random number,
Ludovic Courtès <=
Re: maradns reproducibility fixes and the merits of picking a random number, Arun Isaac, 2022/06/08
Re: maradns reproducibility fixes and the merits of picking a random number, Liliana Marie Prikler, 2022/06/08