On Mon, 21 May 2007, Arturo 'Buanzo' Busleiman wrote: > But, of course, if they got access to the box, then the compiler is the > least of your problems at that time, but I have to admit that the > "slowing the attacker down" is an extra layer of protection. It provides > the sysadmins/users/monitoring software more time to detect the breach.
Removing development tools is one of just a range of security measures. It is by no means the be-all and end-all of security - hence my mention of security in depth. There are easily a couple of dozen security measures I implement when installing a box. Removing development tools (or in most cases, never installing them) is just one of them, but we diverge... Back to the original question. How do I run a number of gentoo boxes without gcc (or a portage tree)? -Ronan -- [EMAIL PROTECTED] mailing list
