Installing a compiler by default
Florian Zeitz
Florian.Zeitz at gmx.de
Thu Jun 8 21:30:44 BST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Anders Karlsson wrote:
> On Thu, 2006-06-08 at 09:44 -0700, Matt Zimmerman wrote:
>> I would like to propose that, beginning in Edgy, Ubuntu desktop systems
>> (both live and installed) should, by default, include the set of packages
>> necessary to compile simple C programs and Linux kernel modules.
>
> [snip]
>
> Having a compiler installed is not wrong, and you already identified
> what would be my biggest fear, getting systems compromised and handing
> the intruder the tools to carry on on a silver platter.
>
> It can possibly be mitigated by at the same time ensuring that possibly
> SELinux is installed and active with a sensible default and there is a
> sensibly configured firewall on the system. With the dbus interface, it
> should be possible to then highlight to a user if there is something
> 'funny' going on. It's just a thought.
>
> Kind Regards,
>
>
My personal opinion on the security mater is, that on a default desktop
install ubuntu's no open ports policy is used, so there won't be any
possibility for attackers to get in anyway.
Ubuntu-server should certainly not have gcc installed by default.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
iD8DBQFEiIj00JXcdjR+9YQRAvUNAJ0envJgIa6nlZCNotUuoJ8U59WdjACfaIRx
tWwoiZWk87OvFGKQyzQWXOg=
=AMGc
-----END PGP SIGNATURE-----
More information about the ubuntu-devel
mailing list