Date: Wed, 16 Jun 2004 16:08:29 +0000 From: j.e.drews@att.net To: freebsd-questions@freebsd.org Subject: Should gcc be accessable by others? Message-ID: <061620041608.19913.40D0707D000648FA00004DC921587667559C990A9D0BD20AD206@att.net>
next in thread | raw e-mail | index | archive | help
Hi: I see that gcc, g++, and other tools are usable by world (others). I was wondering if that is a bad idea as I read here: http://www.itworld.com/nl/lnx_sec/09242002/pf_index.html that the slapper worm used gcc to compile it's exploit. Excerpt: The worm requires gcc to compile the .bugtraq.c file. .... Is it a good idea to change the permisions on the gcc tools to 750 ? I looked through the FreeBSD Handbook and could find no advice on this matter. Also are there other tools that should not be available like strace? How can I find out which ones are potentially exploitable? I am a newcomer to FreeBSD and have been using it for less than a year so don't be cross if these questions are naive. Kind regards, Jonathan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?061620041608.19913.40D0707D000648FA00004DC921587667559C990A9D0BD20AD206>