View Single Post
Old 17th December 2010
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 429
Default

Quote:
Originally Posted by backrow View Post
just because a compiler would be a great target doesn’t mean that an IPSEC stack would not be a target.
My point is that while the ipsec stack was written by and peer-reviewed by the OpenBSD team members, GCC, sadly, is not. It would be considerably more difficult to inject malicious code into a peer-review software system than it would be to hide code in a bloated suite of tools like GCC.

I don't trust GCC, but until PCC takes over, it's the best we've got...so I use it.

And even though it'd be "more difficult", I'm not implying it couldn't be done...
Reply With Quote