More of 10680

This commit is contained in:
UdjinM6 2020-01-05 03:20:25 +03:00 committed by Pasta
parent b03608d5c2
commit 0b15551e3d
No known key found for this signature in database
GPG Key ID: 52527BEDABE87984
4 changed files with 7 additions and 7 deletions

View File

@ -150,11 +150,11 @@ Perform basic ELF security checks on a series of executables.
symbol-check.py symbol-check.py
=============== ===============
A script to check that the (Linux) executables produced by gitian only contain A script to check that the (Linux) executables produced by Gitian only contain
allowed gcc, glibc and libstdc++ version symbols. This makes sure they are allowed gcc, glibc and libstdc++ version symbols. This makes sure they are
still compatible with the minimum supported Linux distribution versions. still compatible with the minimum supported Linux distribution versions.
Example usage after a gitian build: Example usage after a Gitian build:
find ../gitian-builder/build -type f -executable | xargs python contrib/devtools/symbol-check.py find ../gitian-builder/build -type f -executable | xargs python contrib/devtools/symbol-check.py

View File

@ -3,7 +3,7 @@
# Distributed under the MIT software license, see the accompanying # Distributed under the MIT software license, see the accompanying
# file COPYING or http://www.opensource.org/licenses/mit-license.php. # file COPYING or http://www.opensource.org/licenses/mit-license.php.
''' '''
A script to check that the (Linux) executables produced by gitian only contain A script to check that the (Linux) executables produced by Gitian only contain
allowed gcc, glibc and libstdc++ version symbols. This makes sure they are allowed gcc, glibc and libstdc++ version symbols. This makes sure they are
still compatible with the minimum supported Linux distribution versions. still compatible with the minimum supported Linux distribution versions.

View File

@ -243,9 +243,9 @@ dash-${VERSION}-win32.zip
dash-${VERSION}-win64-setup.exe dash-${VERSION}-win64-setup.exe
dash-${VERSION}-win64.zip dash-${VERSION}-win64.zip
``` ```
The `*-debug*` files generated by the gitian build contain debug symbols The `*-debug*` files generated by the Gitian build contain debug symbols
for troubleshooting by developers. It is assumed that anyone that is interested for troubleshooting by developers. It is assumed that anyone that is interested
in debugging can run gitian to generate the files for themselves. To avoid in debugging can run Gitian to generate the files for themselves. To avoid
end-user confusion about which file to pick, as well as save storage end-user confusion about which file to pick, as well as save storage
space *do not upload these to the dash.org server*. space *do not upload these to the dash.org server*.

View File

@ -38,9 +38,9 @@ that the bitcoin-qt.exe file inside the installer had not been tampered with.
However, an attacker could modify the installer's code, so when the setup.exe However, an attacker could modify the installer's code, so when the setup.exe
was run it compromised users' systems. A volunteer to write an auditing tool was run it compromised users' systems. A volunteer to write an auditing tool
that checks the setup.exe for tampering, and checks the files in it against that checks the setup.exe for tampering, and checks the files in it against
the list of gitian signatures, is needed. the list of Gitian signatures, is needed.
The long-term solution is something like the 'gitian downloader' system, which The long-term solution is something like the 'gitian downloader' system, which
uses signatures from multiple developers to determine whether or not a binary uses signatures from multiple developers to determine whether or not a binary
should be trusted. However, that just pushes the problem to "how will should be trusted. However, that just pushes the problem to "how will
non-technical users securely get the gitian downloader code to start?" non-technical users securely get the Gitian downloader code to start?"