| 1 |
> <..> Normally on a system which needs to be secure you don't |
| 2 |
> have any compiler <..> |
| 3 |
|
| 4 |
Oh no.. Not this again. |
| 5 |
|
| 6 |
Having a compiler on the system _does NOT matter_! |
| 7 |
|
| 8 |
What? You think it's bad if an attacker can compile stuff on your server? If you know you won't find an attacker _before_ he's playing with your compiler you should be more worried about your perimeter. |
| 9 |
|
| 10 |
If I put myself in the attackers perspective, I would never compile exploit source code on a cracked server. I would use obfuscated binaries, nothing else, as this would further lessen the odds of discovery. |
| 11 |
|
| 12 |
Doesn't OpenBSD ship with a compiler? It does. Applying patches to source code and compiling it is even the recommended way of keeping your system up to date. |
| 13 |
|
| 14 |
A compiler is not a security risk. |
| 15 |
|
| 16 |
// Daniel |
| 17 |
|
| 18 |
-- |
| 19 |
gentoo-security@g.o mailing list |
Archives