Quote:
Originally Posted by backrow
just because a compiler would be a great target doesn’t mean that an IPSEC stack would not be a target.
My point is that while the ipsec stack was written by and peer-reviewed by the OpenBSD team members, GCC, sadly, is not. It would be considerably more difficult to inject malicious code into a peer-reviewed software system than it would be to hide code in a bloated suite of tools like GCC.
I don't trust GCC, but until PCC takes over, it's the best we've got...so I use it.
And even though it'd be "more difficult", I'm not implying it couldn't be done...