FW: Installing a compiler by default

Jonathan Jesse jjesse at iserv.net
Fri Jun 9 03:43:23 BST 2006 

Forwarding this to the doc team... Hopefully we can come up with a better
solution to highlight the need for build-essential if a user needs to
compile something,.

-----Original Message-----
From: sounder-bounces at lists.ubuntu.com
[mailto:sounder-bounces at lists.ubuntu.com] On Behalf Of Zak B. Elep
Sent: Thursday, June 08, 2006 10:02 PM
To: ubuntu-devel at lists.ubuntu.com; sounder at lists.ubuntu.com
Subject: Re: Installing a compiler by default

Hi Matt! =)

On 6/9/06, Matt Zimmerman <mdz at ubuntu.com> wrote:
> I would like to propose that, beginning in Edgy, Ubuntu desktop systems
> (both live and installed) should, by default, include the set of packages
> necessary to compile simple C programs and Linux kernel modules.

+1, see below :D

> My reasoning is based on the following points:
>  * A common reason to install a new driver on a Linux system is to gain
>    access to the Internet, so support can be difficult to obtain in such a
>    scenario

In my first experience with GNU/Linux years ago the first thing I had
to do was to get sound and modem working; `build-essential' and
`linux-kernel-headers' proved to be immensely useful.  Even up to now,
I still find a need to have a gcc and the kernel headers around, in
case there are some things that I need to have in the install up and
running.

>  * Users who are new to Ubuntu have no idea how to install the necessary
>    packages for building a kernel module

I suppose that some documentation/further elaboration would be desirable.

> Some arguments against this approach include:
>
>  * Most users don't need a compiler

I also suppose that some way of limiting access to gcc would be nice,
once the system has been properly set up; would setting gcc, et al.
for use only by members of the `src' or `staff' group be feasible?

>  * If they have already compromised a system, worms can use a compiler to
>    help propagate themselves and launch attacks (and if one is installed
by
>    default, this is a more appealing technique for targeting Ubuntu
systems)

Limiting gcc access to an authorized group should provide additional
preventive measure, but I'm not too sure...

Cheers,

Zakame

-- 
Zak B. Elep  ||  http://zakame.spunge.org
zakame at ubuntu.com  ||  zakame at spunge.org
1486 7957 454D E529 E4F1  F75E 5787 B1FD FA53 851D

-- 
sounder mailing list
sounder at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/sounder

More information about the sounder mailing list