In message <[EMAIL PROTECTED] s.com>, "Cryer,Phil" writes: >Can anyone provide a more business sensitive response to "Isn't having a >C compiler on a prod box a security problem"? While I am in complete >agreement with the listed response: > >"The days when you could prevent people from running non-approved >programs by removing the C compiler from your system ended roughly with >the VAX 11/780 computer." > >[...] > >My reply is, if an attacker is on the box and can compile code, you >already have more problems to worry about. What other arguments could I >use?
Isn't that the reply you need ? If the attacker can move a source file onto the box, he could just as well have moved the compiled binary onto the box. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 [EMAIL PROTECTED] | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. _______________________________________________ varnish-misc mailing list [email protected] http://projects.linpro.no/mailman/listinfo/varnish-misc
