Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
Trac
Trac
  • Project overview
    • Project overview
    • Details
    • Activity
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Create a new issue
  • Issue Boards

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • Legacy
  • TracTrac
  • Issues
  • #6008

Closed
Open
Opened May 31, 2012 by Andrew Lewman@andrew

Improve software assurance

Improving software assurance through repeatable builds across all operating systems and verifiable build system security. Without getting into endless black holes (see http://cm.bell-labs.com/who/ken/trust.html), we should be able to document how our software was built and others should be able to repeat the exact same steps and build the exact same binaries. The binaries should be verifiable through some hash algorithm or forensic analysis of the resulting binaries.

This goes towards improving our build integrity and build security once others can independently verify the binaries.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: legacy/trac#6008