Re: [dev] [sbase][RFC] patch: whitespace patches

From: Mattias Andrée <maandree_AT_kth.se>
Date: Thu, 25 Feb 2016 14:50:23 +0100

On Thu, 25 Feb 2016 13:45:58 +0000
Dimitris Papastamos <sin_AT_2f30.org> wrote:

> On Thu, Feb 25, 2016 at 02:42:42PM +0100, Mattias Andrée
> wrote:
> > On Thu, 25 Feb 2016 14:11:05 +0100
> > FRIGN <dev_AT_frign.de> wrote:
> >
> > > On Thu, 25 Feb 2016 13:39:30 +0100
> > > Mattias Andrée <maandree_AT_kth.se> wrote:
> > >
> > > Hey Matthias,
> > >
> > > > I think the documentation should be clear that it
> > > > only to be relied upon if whitespace changes do
> > > > not have any affects. Perhaps it should not allow
> > > > introducing whitespace where there was none,
> > > >
> > > > -helloworld
> > > > +hello world
> > > >
> > > > or removing all whitespace
> > > >
> > > > -hello world !
> > > > +helloworld !
> > > >
> > > > to protect against changes in strings. This however
> > > > does would mean that
> > > >
> > > > -a=b*c
> > > > +a = b * c
> > > >
> > > > would not be allowed either.
> > >
> > > this is insane. Just read the fucking patches and stop
> > > handholding the users.
> > >
> > > Cheers
> > >
> > > FRIGN
> > >
> >
> > Whitespace patches can be large. This is to help ensure
> > that the user does not miss something in the patch that
> > changes the behaviour of the program. Like someone
> > trying to sneak in a backdoor or otherwise weaken
> > security. Of course the user will be reading the patch
> > to make sure that the patch fixes the whitespace
> > correctly.
> >
> > So it is not about handholding, but rather a security
> > feature.
>
> Currently, the easy way to do that is to build with and
> without the patch and run sha1 on the resulting binaries.
>

I have not thought about that.

Received on Thu Feb 25 2016 - 14:50:23 CET

This archive was generated by hypermail 2.3.0 : Thu Feb 25 2016 - 15:00:13 CET