Date: Wed, 18 Feb 1998 11:22:53 -0800 (PST) From: Doug White <dwhite@gdi.uoregon.edu> To: mgraffam@mhv.net Cc: Studded <Studded@san.rr.com>, freebsd-questions@FreeBSD.ORG Subject: Re: gcc 2.8.0 Message-ID: <Pine.BSF.3.96.980218112024.13769F-100000@gdi.uoregon.edu> In-Reply-To: <Pine.LNX.3.96.980217190037.32749A-100000@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 17 Feb 1998 mgraffam@mhv.net wrote: > I agree that limited access to the C compiler helps improve the security > of the system, but you must remember that you are using PC's with a > free OS. How long do you think it would take for someone to install > FreeBSD off of CD, get to a shell, compile the exploits they need and > then upload the binaries to your system? > > I say 60 minutes, tops.. if the attacker is familiar with FreeBSD. > I don't think total removal makes much sense on PC's with a free OS. > There are too many PC's running around, and anyone can get the > OS. I bid them good luck on my printserver; there's 2mb left on the disk, and only telnet, ftp and LPRng are running. :) And it's a 386/33; compiles would take hours. Submitting print jobs takes long enough. If someone can run your C compiler to compile a program that can break you, you're already lost. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980218112024.13769F-100000>