Installing a compiler by default
Shawn McMahon
smcmahon at eiv.com
Tue Jun 13 18:09:38 BST 2006
On Tue, Jun 13, 2006 at 12:11:54PM -0400, Lee Revell said:
>
> Um, the attacker would have to be root already to replace libs or kernel
> modules. You've already lost at that point. Game over, man.
At this point it becomes a matter of time. If the attacker can
immediately install his code, his advantage over you is increased. If,
instead, he's got to hunt for the C compiler, conclude that it's
missing, and go install one, you've created more time and more logged
actions. Defense in depth, Lee; no one thing "stops them in their
tracks". Every inconvenience for the attacker increases your security.
The question is whether the inconvenience to the user is worth it.
There appears to be no consensus on this, and without consensus I don't
think we should change. Best practices are there to guide you when you
don't have consensus or technical reasons to change.
--
Shawn McMahon | "I can see the light at the end of the tunnel.
EIV Consulting | And now that I have some light, I can see the
http://www.eiv.com | tunnel needs painting too." - Steve Jackson