[geeks] Compilers - safe on servers?
der Mouse
mouse at Rodents-Montreal.ORG
Mon Mar 2 08:11:41 CST 2009
> The problem with *that* is I was always lead to believe this was a
> bad idea on production servers because in the even of a security
> breach the gcc compiler could be used to compile malicious code.
This is true as far as it goes, but there are so many ways to get a
binary compiled elsewhere onto the machine that it doesn't make much
difference in practice.
Unless, of course, you have it locked down so tight during normal
operation that there _aren't_ a zillion different ways to get a binary
from elsewhere onto it, in which case you have a valid point. What I
would probably do is to go ahead and install the compiler, then
uninstall it when I'm done using it. I might even install the compiler
on an external drive which I then remove for production use.
/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse at rodents-montreal.org
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
More information about the geeks
mailing list