[CentOS] compilers a security risk?

Drew drew.kay at gmail.com
Sun Mar 7 13:49:31 UTC 2010


>> I don't have enough experience to assess the security issues. Does
>> anyone have an opinion on this? It would be simple and feasible to
>> allocate another domain as suggested above.

As was stated by others the compiler itself isn't any more of a
security risk than any other tool. If a hacker can get root he can
just as easily upload binary packages as he can compile source.

That said, I'd still recommend running a second VM as a build
environment. That way if for some reason an update to those custom
packages somehow horribly breaks the entire OS (don't laugh, I've seen
it happen) it's only the build environment you've trashed and not the
production environment.


-- 
Drew

"Nothing in life is to be feared. It is only to be understood."
--Marie Curie


