Skip to content

nzec/trust

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
README.md
README.md
 
 
auth.c
auth.c
 
 
compiler-clean.c
compiler-clean.c
 
 
compiler-trojan.c
compiler-trojan.c
 
 

Repository files navigation

trust

  • First, compile compiler-clean.c normally (cc compiler-clean.c -o compiler-clean)
  • ./compiler-clean input_file out_file takes in the input_file, "compiles it", and gives the binary out_file (actually just passes it to gcc)
  • This is now our main compiler and is innocent.
  • Now, compile auth.c (./compiler-clean auth.c -o auth)
  • ./auth only authorizes if you run as root
  • Compile compiler-trojan.c using the compiler (./compiler-clean compiler-trojan.c compiler-trojan)
  • Now if we use it to compile auth.c (./compiler-trojan auth.c auth), it will give us access even if we are not root.

Now,

  • Compile compiler-clean.c using the malicious compiler (compiler-trojan compiler-clean.c compiler-clean)
  • We can throw away compiler-trojan.c and compiler-trojan and pretend like nothing ever happened.
  • Now, if we use our new compiler-clean (which is actually not-so-clean) to compile auth.c (compiler-clean auth.c -o auth), we see that it gives us access even if we are not root.

Moral: We can't trust our compiler.

Resources:

About

Reflections on Trusting Trust Demo

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages