David A. Wheeler <dwheeler <at> dwheeler.com> writes: > Unsurprisingly, it requires determinism (e.g., recompiling the same > program with the same compiler, on & for the same architecture, > produces the same binary). As you say: ----------------- $ # If a.out and a.out.saved are always identical (except internal $ # timestamps, if any) then the compiler is deterministic. ----------------- And I could almost swear it is also possible to (automatically) edit binaries that are different due to different environments (i.e. think things that embed uname -v, perl -V etc.) so that a baseline is established and _then_ checksummed, giving the correct (i.e. relevant) comparison. -- Bojan -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
