Hello Anton, Tuesday, May 2, 2006, 5:05:10 AM, you wrote:
AK> Maybe, because in some cases, it just takes a bit more time to 0wn AK> your box if it has no compiler installed. It's like saying that a handgun makes your house an inherently more dangerous place. Handguns and compilers are both powerful tools. A person can kill themselves cleaning a handgun, or open their computer to insecurities by compiling buggy code, but in both cases, the danger lies in the user, not in the tool. I can cut my finger off with my table saw, too, if I am not careful. On multi-user systems, and on compromised systems, users (legitimate or otherwise) can import and deploy their own tools. I figure the real choke point, for limiting system damage, is limiting who gets to use the system, and after that, what sort of permissions legitimate users are granted. An illegitimate user with root permissions is god, and can do anything they want... and probably will, whether they are provided a compiler, or not. I have several compilers installed on my Windows boxes, and those boxes are still far more secure than the average Windows box, run by the average Windows user, that does not have a single compiler on board, simply by virtue of the box being owned and operated by a non-lame users, on a reasonably well-secured LAN (behind a BSD firewall). -wittig http://www.robertwittig.com/ . http://robertwittig.net/
