[LRUG] Compiling native extensions during deployment?
Paul Battley
pbattley at gmail.com
Fri Oct 21 03:47:15 PDT 2011
On 21 October 2011 07:40, David Waller <david.a.waller at btinternet.com> wrote:
> So are there good security reasons - theoretical or born out of studies of
> exploits in the wild for not having a compiler around?
I wonder about this too: if you can write to disk, you can get a small
compiler like TCC (100 kB!) on there, so not having a C compiler isn't
a huge limitation to a hypothetical miscreant.
http://bellard.org/tcc/
Paul.
More information about the Chat
mailing list