mirror of
https://github.com/dashpay/dash.git
synced 2024-12-25 03:52:49 +01:00
More of 10680
This commit is contained in:
parent
b03608d5c2
commit
0b15551e3d
@ -150,11 +150,11 @@ Perform basic ELF security checks on a series of executables.
|
|||||||
symbol-check.py
|
symbol-check.py
|
||||||
===============
|
===============
|
||||||
|
|
||||||
A script to check that the (Linux) executables produced by gitian only contain
|
A script to check that the (Linux) executables produced by Gitian only contain
|
||||||
allowed gcc, glibc and libstdc++ version symbols. This makes sure they are
|
allowed gcc, glibc and libstdc++ version symbols. This makes sure they are
|
||||||
still compatible with the minimum supported Linux distribution versions.
|
still compatible with the minimum supported Linux distribution versions.
|
||||||
|
|
||||||
Example usage after a gitian build:
|
Example usage after a Gitian build:
|
||||||
|
|
||||||
find ../gitian-builder/build -type f -executable | xargs python contrib/devtools/symbol-check.py
|
find ../gitian-builder/build -type f -executable | xargs python contrib/devtools/symbol-check.py
|
||||||
|
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
# Distributed under the MIT software license, see the accompanying
|
# Distributed under the MIT software license, see the accompanying
|
||||||
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
||||||
'''
|
'''
|
||||||
A script to check that the (Linux) executables produced by gitian only contain
|
A script to check that the (Linux) executables produced by Gitian only contain
|
||||||
allowed gcc, glibc and libstdc++ version symbols. This makes sure they are
|
allowed gcc, glibc and libstdc++ version symbols. This makes sure they are
|
||||||
still compatible with the minimum supported Linux distribution versions.
|
still compatible with the minimum supported Linux distribution versions.
|
||||||
|
|
||||||
|
@ -243,9 +243,9 @@ dash-${VERSION}-win32.zip
|
|||||||
dash-${VERSION}-win64-setup.exe
|
dash-${VERSION}-win64-setup.exe
|
||||||
dash-${VERSION}-win64.zip
|
dash-${VERSION}-win64.zip
|
||||||
```
|
```
|
||||||
The `*-debug*` files generated by the gitian build contain debug symbols
|
The `*-debug*` files generated by the Gitian build contain debug symbols
|
||||||
for troubleshooting by developers. It is assumed that anyone that is interested
|
for troubleshooting by developers. It is assumed that anyone that is interested
|
||||||
in debugging can run gitian to generate the files for themselves. To avoid
|
in debugging can run Gitian to generate the files for themselves. To avoid
|
||||||
end-user confusion about which file to pick, as well as save storage
|
end-user confusion about which file to pick, as well as save storage
|
||||||
space *do not upload these to the dash.org server*.
|
space *do not upload these to the dash.org server*.
|
||||||
|
|
||||||
|
@ -38,9 +38,9 @@ that the bitcoin-qt.exe file inside the installer had not been tampered with.
|
|||||||
However, an attacker could modify the installer's code, so when the setup.exe
|
However, an attacker could modify the installer's code, so when the setup.exe
|
||||||
was run it compromised users' systems. A volunteer to write an auditing tool
|
was run it compromised users' systems. A volunteer to write an auditing tool
|
||||||
that checks the setup.exe for tampering, and checks the files in it against
|
that checks the setup.exe for tampering, and checks the files in it against
|
||||||
the list of gitian signatures, is needed.
|
the list of Gitian signatures, is needed.
|
||||||
|
|
||||||
The long-term solution is something like the 'gitian downloader' system, which
|
The long-term solution is something like the 'gitian downloader' system, which
|
||||||
uses signatures from multiple developers to determine whether or not a binary
|
uses signatures from multiple developers to determine whether or not a binary
|
||||||
should be trusted. However, that just pushes the problem to "how will
|
should be trusted. However, that just pushes the problem to "how will
|
||||||
non-technical users securely get the gitian downloader code to start?"
|
non-technical users securely get the Gitian downloader code to start?"
|
||||||
|
Loading…
Reference in New Issue
Block a user