[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Building amd64 kernels on i386

On 11/30/05, Brice Figureau <brice+debian@daysofwonder.com> wrote:
> Not having gcc on a machine is imho a quite good layer of protection, as
> it will defeat any rootkit script that compiles some custom tools (trust
> me there are more than you would have tought first, I just got my eyes
> on one a few days ago that wanted to be installed through a mambo
> server).

Not having gcc is about as good for security as ROT13 encoding the
names of all executables. Sure, it will confuse every script that
tries to install something, but is it worth it?

If you still have doubts, you can install gcc for compiling the kernel
and then remove it afterwards. Cross-compiling is experimental at
best, if it works at all. I would certainly not try the result of the
cross-compilation on a production server :-).


Reply to: