On 11/30/05, Brice Figureau <[EMAIL PROTECTED]> wrote: > Not having gcc on a machine is imho a quite good layer of protection, as > it will defeat any rootkit script that compiles some custom tools (trust > me there are more than you would have tought first, I just got my eyes > on one a few days ago that wanted to be installed through a mambo > server).
Not having gcc is about as good for security as ROT13 encoding the names of all executables. Sure, it will confuse every script that tries to install something, but is it worth it? If you still have doubts, you can install gcc for compiling the kernel and then remove it afterwards. Cross-compiling is experimental at best, if it works at all. I would certainly not try the result of the cross-compilation on a production server :-). Thomas
