Installing a compiler by default
Florian Diesch
diesch at spamfence.net
Tue Jun 13 01:56:48 BST 2006
Scott Dier <dieman at ringworld.org> wrote:
> Anders Karlsson wrote:
>> You misunderstand. A C compiler in itself does not compromise security,
>> and if you phrased the question like that, I'd tell you it was BS as
>> well. On a system that run services it is bad security practise to
>> install a compiler, for reasons already explained, and the book Shawn
>> points you at will reaffirm this.
>
> Isn't having a interpreter of any sort just about the same problem?
With an interpreter you can execute code but with a C compiler you can
much more easily replace libs or kernel modules which is what most
root kits are doing.
> If you can't do it with Perl, is it worth doing at all? ;)
The Perl interpreter is written in C ;-)
Florian
--
<http://www.florian-diesch.de/>
More information about the sounder
mailing list