| 1 |
I got in to a discussion about which server to recommend for running |
| 2 |
the php5 symfony framework, and I recommended Gentoo as I had been |
| 3 |
using it my self for a couple of years and have been very satisfied |
| 4 |
with it. |
| 5 |
Somebody pointed out that having a productions server with a gcc |
| 6 |
installed was a big no no security wise, so I did a bit of goggling on |
| 7 |
that topic and found a couple of articles supporting that view. |
| 8 |
|
| 9 |
Maybe I'm just ill informed, but I can't really see the big problem |
| 10 |
here. Sure if there is a gcc compiler installed you can recompile |
| 11 |
everything to your hearts content, but you still need to get access to |
| 12 |
the server first. And if you have server access you can install gcc on |
| 13 |
any distribution. Even openbsd (to my knowledge) comes with gcc |
| 14 |
bundled and they claim to be the most secure *nix available. |
| 15 |
|
| 16 |
Im using the gentoo hardened profile for my production servers with a |
| 17 |
lamp stack and have considered them reasonably secure, but am I wrong |
| 18 |
in assuming this? |
| 19 |
|
| 20 |
Joe |
Archives