classification
Title: Build differences caused by the time stamps
Type: behavior Stage: resolved
Components: Library (Lib) Versions: Python 2.7
process
Status: closed Resolution: duplicate
Dependencies: Superseder: support reproducible Python builds
View: 29708
Assigned To: Nosy List: WaylandZ, r.david.murray
Priority: normal Keywords:

Created on 2017-08-31 08:15 by WaylandZ, last changed 2017-08-31 12:40 by r.david.murray. This issue is now closed.

Messages (2)
msg301042 - (view) Author: Wayland Zhong (WaylandZ) Date: 2017-08-31 08:15
When I build python (version 2.7.13), I find the build results are different every time. It seems to be caused by some times tamps, and they may be generated by the code below:
    Lib/py_compile.py:106: with open(file, 'U') as f:
    Lib/py_compile.py:107:     try:
    Lib/py_compile.py:108:        timestamp = long(os.fstat(f.fileno()).st_mtime)
    Lib/py_compile.py:109:    except AttributeError:
    Lib/py_compile.py:110:        timestamp = long(os.stat(file).st_mtime)
    Lib/py_compile.py:111:   codestring = f.read()

As we know, reproducible build is a good way to counter malicious attacks that generate malicious executables, by making it easy to recreate the executable to determine if the result is correct. How can I eliminate the differences caused by the time stamps? Just remove some code? Or is there any configuration?
If we can't eliminate the difference now, can lsof support it in future versions?
Thank you.
msg301047 - (view) Author: R. David Murray (r.david.murray) * (Python committer) Date: 2017-08-31 12:40
Duplicate of issue 29708.
History
Date User Action Args
2017-08-31 12:40:30r.david.murraysetstatus: open -> closed

superseder: support reproducible Python builds
nosy: + r.david.murray

messages: + msg301047
type: security -> behavior
resolution: duplicate
stage: resolved
2017-08-31 08:15:49WaylandZcreate