Hacker News new | past | comments | ask | show | jobs | submit login

Unfortunately it takes awhile to compile Bun from scratch. It doesn’t need root privileges though. To compile Bun completely from scratch, you’d need to compile:

- Zig

- mimalloc

- libtcc

- zlib

- picohttpparser

- sqlite3

- BoringSSL

- WebKit’s JSCOnly port

- libarchive

- lol-html (+ rust)

From there, you also need clang 13, which you might also want to compile from source (though that can take an hour or more). When compiling Bun in CI, many dependencies are compiled from source (excluding Rust, LLVM, and Zig)




Ha, speak of the devil :)

To be clear, "then gave up" means I ended up just running the install script. Thanks for your work on Bun! Hoping to use it for a speedy websocket server some time soon.


> rust

The first break in this bootstrap chain is mrustc, which is 11 stable versions back. Hope you've got a couple days if you need the latest stable release of rustc.


How does compiling it yourself change anything?


If all you do is download the release binary, anything could compromise you. If you read the source, an inauthentic release binary could compromise you. If you read the source and compile it, a compromised compiler could compromise you. If you read the compiler source, bootstrap compiling it from hardware code (reading all the source along the way), read the app source, and finally compile it using your compiled compiler, then compromised hardware could compromise you.

Every step along the way you increase the severity of the statement "If I'm fucked, then so is everyone using X". You stop when the set of people using X grows so large than you are sufficiently worthless in comparison.


I agree with your explanation, but actually bootstrapping the compiler might not even be enough, as pointed out by Ken Thompson in his classical essay in 1984 [1] "Reflections on Trusting Trust.

Bruce Schneier already said that in 2006 [2]:

> It’s interesting: the “trusting trust” attack has actually gotten easier over time, because compilers have gotten increasingly complex

Since 2006 compilers have become even more sophisticated, but also much more complex, thus even harder to validate.

[1]: https://archive.org/details/reflections-on-trusting-trust

[2]: https://www.schneier.com/blog/archives/2006/01/countering_tr...


Yes, that's what the "..." represented in the OP. In fact I linked to that paper there too


I'm not sure I got your point.

Also, https://www.teamten.com/lawrence/writings/coding-machines/


you'd know for a fact the sources from which the executable you're using was compiled.

this would, in theory, allow you to make sure it doesn't contain any malicious code.

in reality, of course, this is rather impractical since you'd need to manually verify every single source file and every single line of code.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: