On Tue, May 01, 2007 at 10:36:08PM +0200, Maurice Janssen wrote: > On Tuesday, May 1, 2007 at 00:04:06 +0200, Joachim Schipper wrote: > >This is just an idea, and might well be completely retarded/wrong, but: > > > >Unless I am mistaken, the reason that compiling the same binary twice > >yields different results is that gcc adds some randomness (barring > >special circumstance like including date, time, host and version in the > >kernel, and so on). > > > >If one were to extend gcc to accept random data from a file as well as > >the usual sources (/dev/arandom and such, I suppose), would this not > >make sure that, given the original random data, one always gets the same > >binaries? > > Perhaps, but what's the benefit? After applying a patch, I don't want > to have the same binaries, but new and different binaries.
I'm not certain that's as much of a problem as you appear to think, but the idea is, in fact, retarded, as someone pointed out to me in a (very polite!) off-list message. (gcc doesn't insert randomness; on the other hand, tools like ar(1) (for static libraries) and tar(1) include timestamps. Actually checking before posting random crap might be a good idea. Shame on me! Sorry for the noise, everyone...) Joachim -- PotD: x11/wmtz - wm-dockapp; displays the time in different time zones