Installing a compiler by default

Scott Dier dieman at
Thu Jun 8 18:24:11 BST 2006

Rocco Stanzione wrote:
> I once avoided getting hit by slapper, in spite of a vulnerable apache+openssl 
> server, by having gcc executable only by myself.  For Ubuntu, we could make 
> this a group permission or UID=1000.  This doesn't help if the user's account 
> is compromised, but can help prevent compromised services (like apache) from 
> using gcc.

If this is done please ensure that it is highly configurable through 
debconf -- I install compilers with broken UID spaces based on legacy 
NIS configurations.


Scott Dier <dieman at>

More information about the ubuntu-devel mailing list