Installing a compiler by default

Rocco Stanzione grasshopper at linuxkungfu.org
Thu Jun 8 18:20:45 BST 2006 

On Thursday 08 June 2006 11:44, Matt Zimmerman wrote:
> I would like to propose that, beginning in Edgy, Ubuntu desktop systems
> (both live and installed) should, by default, include the set of packages
> necessary to compile simple C programs and Linux kernel modules.

One of the first things I install is build-essential, and 'apt-get install 
build-essential' is one of the more common answers to questions asked on irc.  
+1.

> My reasoning is based on the following points:
>
>  * Linux systems have traditionally shipped with gcc
>
>  * The most common way to obtain a new driver for a Linux system is
>    to compile it from C source code
>
>  * A common reason to install a new driver on a Linux system is to gain
>    access to the Internet, so support can be difficult to obtain in such a
>    scenario
>
>  * A great deal of distribution-agnostic documentation assumes the
>    availability of gcc
>
>  * Users who are new to Ubuntu have no idea how to install the necessary
>    packages for building a kernel module
>
>  * build-essential and linux-headers are already included on Ubuntu CDs, so
>    they would not occupy more space if installed by default
>
>  * An excessive amount of RAM is needed to install build-essential and
>    linux-headers in the live CD environment, and we only have enough space
>    for them either in preinstalled form (for the live session) OR packaged
>    form (for the installed system), not both

I agree with all these arguments, and I don't have any more to add just now.

> Some arguments against this approach include:
>
>  * Most users don't need a compiler
>
>  * If they have already compromised a system, worms can use a compiler to
>    help propagate themselves and launch attacks (and if one is installed by
>    default, this is a more appealing technique for targeting Ubuntu
> systems)

I once avoided getting hit by slapper, in spite of a vulnerable apache+openssl 
server, by having gcc executable only by myself.  For Ubuntu, we could make 
this a group permission or UID=1000.  This doesn't help if the user's account 
is compromised, but can help prevent compromised services (like apache) from 
using gcc.

>  * We should solve the same problems in more elegant ways where possible
>
> I'm interested in hearing more opinions one way or the other, especially
> from beyond the developer community.

Thanks,

Rocco

More information about the sounder mailing list