[clug] Anti-Virus Software

Kevin Pulo kev at pulo.com.au
Thu Jun 24 21:16:50 MDT 2010


On Fri, Jun 25, 2010 at 12:24:41PM +1000, Paul Wayper wrote:

> The source code is there.

The point of Steve's post was that you are still trusting that the
compiler is generating machine code which corresponds to the source
code you gave it.  Malicious compilers aren't usually part of the
threat model.

Auditing the compiler's source doesn't help, because it's recursive
(you need a compiled compiler to compile the compiler source :).
Bootstrapping from audited machine code is the only way to go, but
that is far too onerous (and even then you're still trusting the CPU
to faithfully execute the instructions).

I've written something similar (if less diabolical) in the C
preprocessor, which writes itself to /usr/include/stdio.h.  After
running an infected program with perms to modify stdio.h, any other C
programs built on that machine will be infected.  So trust is placed
not only in the compiler, but the whole toolchain, libraries, kernel
and everything underneath whatever you're running.

Kev.
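One defender-side check for the header-infection scenario above is a file-integrity comparison of the toolchain's include directory against a baseline manifest. This is an added example, not code from the list post; it builds a constructed include tree in a temporary directory and simulates the stdio.h modification. The baseline must be created and stored somewhere the machine being checked cannot write to, otherwise the check inherits the same trust problem the post describes.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path):
    """SHA-256 of a file, read in chunks so large binaries are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root):
    """Map relative path -> SHA-256 for every regular file under root."""
    root = Path(root)
    return {str(p.relative_to(root)): sha256_of(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare_manifests(baseline, current):
    """Report files whose hash changed, files that appeared, files that vanished."""
    modified = sorted(k for k in baseline if k in current and baseline[k] != current[k])
    added = sorted(k for k in current if k not in baseline)
    removed = sorted(k for k in baseline if k not in current)
    return {"modified": modified, "added": added, "removed": removed}


def demo():
    """Constructed scenario: a clean include tree, then stdio.h is tampered with."""
    with tempfile.TemporaryDirectory() as d:
        inc = Path(d) / "include"
        inc.mkdir()
        (inc / "stdio.h").write_text("int printf(const char *, ...);\n")
        (inc / "stdlib.h").write_text("void *malloc(unsigned long);\n")
        baseline = build_manifest(inc)  # in practice: taken from trusted media

        # Simulate the post's scenario: a build with write access appends to stdio.h
        # and drops an extra header. Content is a constructed placeholder.
        with open(inc / "stdio.h", "a") as f:
            f.write("/* constructed: content appended by an infected build */\n")
        (inc / "evil.h").write_text("/* constructed: dropped header */\n")

        return compare_manifests(baseline, build_manifest(inc))


if __name__ == "__main__":
    print(demo())
```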
