View Single Post
Old 17th December 2010
Oliver_H's Avatar
Oliver_H Oliver_H is offline
Real Name: Oliver Herold
UNIX lover
 
Join Date: May 2008
Location: Germany
Posts: 427
Default

Quote:
Originally Posted by rocket357 View Post
Propolice has nothing to do with the type of compiler compromise I'm talking about. Who cares if it inserts canary values and checks and such if it actively injects malicious code? A compiler is a program. It can be compromised to produce compromised programs even if the source of the program is "clean".
Sure, but they're not just using GCC as other operating system. According to my information they do security auditing for GCC.
__________________
use UNIX or die :-)
Reply With Quote