[distcc] some questions
joerg.beyer at email.de
joerg.beyer at email.de
Mon Sep 30 12:12:01 GMT 2002
Aaron Lehmann <aaronl at vitelus.com> schrieb am 29.09.02 23:03:04:
> On Sun, Sep 29, 2002 at 10:15:01PM +0200, joerg.beyer at email.de wrote:
> > for xecurity reasons, you should not have a compiler installed
> > on a firewall. A compiler is a powerfull tool for an attacker - so he
> > should not find one on a firewall.
>
> I'm sorry but this is false. A compiler is NOT a dangerous tool. It is
> entirely unprivileged. An attacker can easily compile code on a
> similar system and upload it to the target system, install a compiler
> on the target system, or build a cross compiler on his/her own system
> if necessary.
well I was reffering to the practice stated as:
Disable or uninstall any unnecessary services and software on the
firewall that are not specifically required.
you may as well call me paranoid, that's ok for me :-)
Joerg
More information about the distcc
mailing list