Archives
Archives
| From: | Nicolas Sebrecht <nicolas.s-dev@×××××××.net> | ||
|---|---|---|---|
| To: | gentoo-user@l.g.o | ||
| Cc: | Nicolas Sebrecht <nsebrecht@×××××.fr>, Nicolas Sebrecht <nicolas.s-dev@×××××××.net> | ||
| Subject: | [gentoo-user] Re: Fwd:How about the gentoo server or cluster in production environment? | ||
| Date: | Thu, 20 Feb 2014 20:40:51 | ||
| Message-Id: | 20140220204103.GA3381@vidovic.ultras.lan | ||
| In Reply to: | Re: [gentoo-user] Re: Fwd:How about the gentoo server or cluster in production environment? by Andrew Savchenko |
||
| 1 | On Thu, Feb 20, 2014 at 08:52:07PM +0400, Andrew Savchenko wrote: |
| 2 | |
| 3 | > And this point is one of the highest security benefits in real world: |
| 4 | > one have non-standard binaries, not available in the wild. Most |
| 5 | > exploits will fail on such binaries even if vulnerability is still |
| 6 | > there. |
| 7 | |
| 8 | While excluding few security issues by compiling less code is possible, |
| 9 | believing that "non-standard binaries" (in the sense of "compiled for |
| 10 | with local compilation flags") gives more security is a dangerous dream. |
| 11 | |
| 12 | -- |
| 13 | Nicolas Sebrecht |
| Subject | Author |
|---|---|
| Re: [gentoo-user] Re: Fwd:How about the gentoo server or cluster in production environment? | Alan McKinnon <alan.mckinnon@×××××.com> |
| Re: [gentoo-user] Re: Fwd:How about the gentoo server or cluster in production environment? | Andrew Savchenko <bircoph@×××××.com> |