Am 12.02.2017 um 13:53 schrieb David Craven: > By development files I assume you mean header files? I don't see how those can > pose a security problem. Can you elaborate?
Yes, I meant header files, but also pkgconfig files and all this stuff (including documentation). Having this (and compilers, etc.) available on the target machine makes it *much* easier for an intruder to compile attack tools for malware on the target. If these are missing, the intruder needs to collect a lot of information first to be able to build tools for the target. Of course this is not a silver bullet, but it one piece of protection. Like a lock on the door: It may take the burglar only 2 Minutes to open it, but less skilled ones may be discouraged. Or these 2 Minutes may give you some advantage. -- Regards Hartmut Goebel | Hartmut Goebel | h.goe...@crazy-compilers.com | | www.crazy-compilers.com | compilers which you thought are impossible |
