Installing a compiler by default
Shawn McMahon
smcmahon at eiv.com
Sat Jun 10 03:16:53 BST 2006
On Sat, 2006-06-10 at 07:04 +1000, Peter Garrett wrote:
>
> I don't understand the resistance to installing gcc and friends. Is there
> some kind of religious controversy involved of which I'm unaware?
>
If you consider "security best practices" to be "religion", then I guess
yes, your lack of knowledge of them may be the source of your confusion.
I recommend reading "Practical Unix and Internet Security", available
from O'Reilly and Associates, as a good starting point.
> To reiterate:
>
> What harm does it do?
> Why should it not be installed and available?
> How does the existence of compiling tools in a default install adversely
> affect ordinary users?
It reduces the security for ALL our users, to increase convenience for a
miniscule fraction
I am not denying that there is a problem that needs to be fixed; I'm
simply saying that your proposed solution isn't the right one.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/sounder/attachments/20060609/e645c316/attachment-0001.pgp
More information about the sounder
mailing list