[Mono-list] Re: Bootstrapping

Paolo Molaro lupus@ximian.com
Fri, 9 Jul 2004 12:15:15 +0200

On 07/08/04 Norbert Bollow wrote:
> > Originally mcs and corlib where compiled with csc on windows, so
> > paranoid people suppose MS could have injected a trojan. Assuming pnet's
> > compiler could compile mcs and corlib correctly, would that give any
> > more guarantees? Nope, since thay had to use the MS compiler to build
> > their own corlib for much longer than us, the window of opportunity for
> > the evil MS to inject a trojan on their system was much bigger, so there
> > is no additional guarantee and people are deluding themselves if they
> > think there is.
> Is this an attempt to spread FUD (Fear, Uncertainty and Doubt) about
> the DotGNU Portable.Net (pnet) system, or did you honestly write the
> above without thinking about the matter first?

It's not FUD, it's just the reality: if people think that using pnet is
safer wrt a possible trojan injected by MS, they are deluding
themselves (and showing they don't know much about security).

> There is no possibility whatsoever that Microsoft could have injected
> a trojan into the DotGNU Portable.Net (pnet) system, since building
> pnet does not require already having a C# compiler or a "corlib".

This doesn't matter, see below: the problem is that the systems where pnet 
were built (just as mono) ran untrusted code compiled by the MS csc.

On 07/09/04 Thong (Tum) Nguyen wrote:
> Quite incorrect.  Building pnet's corlib doesn't require an existing corlib
> because PNET's compiler (like MS's compiler) is written in C.  Even if pnet
> used a trojan compiler to compile corlib at one point or another, any
> subsequent recompilation with cscc would overwrite the trojan.

Unless the C compiler (for example) was trojaned by the Console.WriteLine()
implementation (emitted by the hyphotetical trojaning MS compiler) when
the first tests were run with pnet. So the moment you ran untrusted code
on the system, it doesn't matter if you bootstrap from C or from C#.

Just as a summary, since people seem to be sensitive about these issues:
*) I don't think MS has trojaned either mono or pnet
*) if they could have trojaned mono, they could have done the same to pnet
*) since the trojaning of both systems is theoretical it's not easy to
say which one of the two could be more likely, but feel free to discuss
it in the paranoia@forever.com list:-)


lupus@debian.org                                     debian/rules
lupus@ximian.com                             Monkeys do it better