[LRUG] Compiling native extensions during deployment?

Thom May thom at may.lt
Fri Oct 21 05:40:56 PDT 2011


On Fri, Oct 21, 2011 at 13:11, Daniel Barlow <dan at telent.net> wrote:
> On Fri, Oct 21, 2011 at 11:47 AM, Paul Battley <pbattley at gmail.com> wrote:
>> On 21 October 2011 07:40, David Waller <david.a.waller at btinternet.com> wrote:
>>> So are there good security reasons - theoretical or born out of studies of
>>> exploits in the wild for not having a compiler around?
>>
>> I wonder about this too: if you can write to disk, you can get a small
>> compiler like TCC (100 kB!) on there, so not having a C compiler isn't
>> a huge limitation to a hypothetical miscreant.
>
> Well, if you can write to disk _and the filesystem is not mounted
> no-exec_, yes -  or you can just upload a binary you created elsewhere
> and run that.  But, assuming that the host has ruby installed you
> already have the full powers of Kernel#syscall at your disposal, so if
> you really want to you can do anything that your unix uid has
> permissions to do anyway.
>
> That said I can understand why ops people want to avoid installing
> compilers anyway, just because it makes life harder for the script
> kiddies.  Security through obscurity is no real security, but some
> additional hoops to make people jump through might just save your
> bacon if your proper security measures turn out to be lacking

If you get hit by someone who has no idea what they're doing but is
running an automated script that expects a compiler to be on the
machine, you get a pass. It doesn't protect you from a competent
attacker, but a fair proportion of attacks are entirely automated.

-t



More information about the Chat mailing list