[CentOS] compilers a security risk?
m.roth at 5-cent.us
m.roth at 5-cent.usMon Mar 8 14:48:11 UTC 2010
- Previous message: [CentOS] compilers a security risk?
- Next message: [CentOS] compilers a security risk?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> On 3/6/2010 4:04 PM, nate wrote:
>>
>> if you can upload source code,
>> you can upload a precompiled binary
>
> True, but most attacks are automated, and try to attack as wide a range
> of machines as possible.
>
> If I were to write a bit of malware for *ix that needed a custom binary
> on the target machine, I'd at least consider distributing it as C code,
> banking on the fact that most *ix systems have a C compiler installed by
> default these days.
<snip>
Which is why, for the 10 or 11 years that I've used a linux box as a
firewall router at home, it had almost *nothing* on it, and that was
before I ran Bastille against it. I intended it as a cheap (old hardware,
the second one was scrounged) firewall/router, and *nothing* *else*. So,
when I built it, no compilers, no languages (other than things like perl
and awk and shells), no X... and only one user other than the system users
(me).
mark
- Previous message: [CentOS] compilers a security risk?
- Next message: [CentOS] compilers a security risk?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list