From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from simark.ca by simark.ca with LMTP id 89G4GMGyDmYdMSMAWB0awg (envelope-from ) for ; Thu, 04 Apr 2024 10:01:37 -0400 Authentication-Results: simark.ca; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha256 header.s=default header.b=SAFUycw0; dkim-atps=neutral Received: by simark.ca (Postfix, from userid 112) id 520161E0C0; Thu, 4 Apr 2024 10:01:37 -0400 (EDT) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by simark.ca (Postfix) with ESMTPS id 37AE91E030 for ; Thu, 4 Apr 2024 10:01:35 -0400 (EDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 479593858C52 for ; Thu, 4 Apr 2024 14:01:34 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 479593858C52 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1712239294; bh=W9kb2BtLvd60stQCRaOxJ42Udj5nzfrI8RAiP2j+yLY=; h=Date:To:cc:Subject:In-Reply-To:References:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: From:Reply-To:From; b=SAFUycw0aKlVP4wzZg0K8b6sWADL7Xzean5cwNffg/TKTUkGQXeqgCYhh7mWJ7Cxn gPyzcg9/TdqeehfL66ktZYfc+yzFER2emN8+psypZbkW4RfaSAf5pA7jt8yzQFzn0r aqMzfDRCqUcZcGPpEN+1FfcY8FYZxruq1fKrQhoU= Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2a07:de40:b251:101:10:150:64:1]) by sourceware.org (Postfix) with ESMTPS id 90A933858431; Thu, 4 Apr 2024 14:00:41 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 90A933858431 ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 90A933858431 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1712239242; cv=none; b=vFy+C3exNAOsixbYlTYmCWrVrIevq6rGxHwRrkMWv3x2EWsJkk9Hm8bB58tBBIN+4eHsRCr2+ZpZw+RmODoVrs5uX8ERsrXvpObL0SO1sVJDAXGyZvEgqasEJUltelZhizilNqYvGvtst1lTma5blrAkObNPJk9cBSQNj2yBGs4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1712239242; c=relaxed/simple; bh=gE74veOOlenFx0+ORL63pxrNMmQ0ezUlPk1NqJTaLaA=; h=DKIM-Signature:DKIM-Signature:DKIM-Signature:DKIM-Signature:Date: From:To:Subject:Message-ID:MIME-Version; b=QlENF9Fd8U3I1hgodizhvHw0zc0jVES/N8ANjbHTItMaQKNy/Kh0fZzafthGTtt0QtI6ZUkJsLTXv7FI0aRoJFdWnZXGc4szyFqF8xN1xYr7ylAueH+jA65A7Wc+yxF6lS/x5XjGxHmcoc3H8aD6GizQIQwI4YVlkMi0QEnQQSQ= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from knuth.suse.de (unknown [10.168.5.16]) by smtp-out1.suse.de (Postfix) with ESMTP id 18D3C37C44; Thu, 4 Apr 2024 14:00:40 +0000 (UTC) Received: by knuth.suse.de (Postfix, from userid 10510) id F0054345F0F; Thu, 4 Apr 2024 15:59:39 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by knuth.suse.de (Postfix) with ESMTP id DEFD4345F0E; Thu, 4 Apr 2024 15:59:39 +0200 (CEST) Date: Thu, 4 Apr 2024 15:59:39 +0200 (CEST) To: Jonathon Anderson cc: Martin Uecker , Ian Lance Taylor , Paul Koning , Paul Eggert , Sandra Loosemore , Mark Wielaard , overseers@sourceware.org, gcc@gcc.gnu.org, binutils@sourceware.org, gdb@sourceware.org, libc-alpha@sourceware.org Subject: Re: Sourceware mitigating and preventing the next xz-backdoor In-Reply-To: Message-ID: <41394737-6f2d-86e7-5742-e0a794f9f63c@suse.de> References: <20240329203909.GS9427@gnu.wildebeest.org> <20240401150617.GF19478@gnu.wildebeest.org> <12215cd2-16db-4ee4-bd98-6a4bcf318592@cs.ucla.edu> <6239192ba9ff8aad0752309a54b633dc75a57c77.camel@tugraz.at> <8e877d2f-01e0-c786-dea5-265edbdc0c07@suse.de> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Spam-Level: X-Spamd-Result: default: False [-2.70 / 50.00]; BAYES_HAM(-3.00)[100.00%]; SUSPICIOUS_RECIPS(1.50)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.20)[-1.000]; MIME_GOOD(-0.10)[text/plain]; RCVD_NO_TLS_LAST(0.10)[]; ARC_NA(0.00)[]; FREEMAIL_TO(0.00)[gmail.com]; MIME_TRACE(0.00)[0:+]; TAGGED_RCPT(0.00)[]; RCPT_COUNT_TWELVE(0.00)[12]; MISSING_XM_UA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; FREEMAIL_CC(0.00)[tugraz.at,golang.org,comcast.net,cs.ucla.edu,baylibre.com,klomp.org,sourceware.org,gcc.gnu.org]; TO_DN_SOME(0.00)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[knuth.suse.de:helo]; RCVD_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FUZZY_BLOCKED(0.00)[rspamd.com]; FREEMAIL_ENVRCPT(0.00)[comcast.net,gmail.com] X-Spam-Score: -2.70 X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gdb@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gdb mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Michael Matz via Gdb Reply-To: Michael Matz Errors-To: gdb-bounces+public-inbox=simark.ca@sourceware.org Sender: "Gdb" Hello, On Wed, 3 Apr 2024, Jonathon Anderson wrote: > Of course, this doesn't make the build system any less complex, but > projects using newer build systems seem easier to secure and audit than > those using overly flexible build systems like Autotools and maybe even > CMake. IMHO using a late-model build system is a relatively low > technical hurdle to overcome for the benefits noted above, switching > should be considered and in a positive light. Note that we're talking not (only) about the build system itself, i.e. how to declare dependencies within the sources, and how to declare how to build them. make it just fine for that (as are many others). (In a way I think we meanwhile wouldn't really need automake and autogen, but rewriting all that in pure GNUmake is a major undertaking). But Martin also specifically asked about alternatives for feature tests, i.e. autoconfs purpose. I simply don't see how any alternative to it could be majorly "easier" or "less complex" at its core. Going with the examples given upthread there is usually only one major solution: to check if a given system supports FOOBAR you need to bite the bullet and compile (and potentially run!) a small program using FOOBAR. A configuration system that can do that (and I don't see any real alternative to that), no matter in which language it's written and how traditional or modern it is, also gives you enough rope to hang yourself, if you so choose. If you get away without many configuration tests in your project then this is because what (e.g.) the compiler gives you, in the form of libstdc++ for example, abstracts away many of the peculiarities of a system. But in order to be able to do that something (namely the config system of libstdc++) needs to determine what is or isn't supported by the system in order to correctly implement these abstractions. I.e. things you depend on did the major lifting of hiding system divergence. (Well, that, or you are very limited in the number of systems you support, which can be the right thing as well!) Ciao, Michael.