[CentOS] compilers a security risk?

Dave Stevens geek at uniserve.com
Sat Mar 6 23:02:01 UTC 2010

I manage a web hosting server that we've recently upgraded, in part so  
we could accommodate a domain that will enable community mapping. In a  
recent exchange of mails one developer said:

"I could build the package directly on the server machine you have,
provided that the potential security risk posed by having compilers
installed is not an issue."

and another said:

"What sort of security risk is there in having compilers installed on a
working server?

"Obviously we can remove the compilers, however when Mapserver or postgis
get updated, we will need to build new packages somewhere. One option:
create a second VM for mapchat. We'll put the build environment on it,
and only turn it on to make new packages."

I don't have enough experience to assess the security issues. Does  
anyone have an opinion on this? It would be simple and feasible to  
allocate another domain as suggested above.


"It is no measure of health to be well adjusted to a profoundly sick society."

More information about the CentOS mailing list