LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Can anyone see any reason why a customer would need to compile a new compiler?

[ILUG] Can anyone see any reason why a customer would need to compile a new compiler?

Declan Moriarty junk_mail at iol.ie
Fri Jun 23 17:46:20 IST 2006 

On Fri, 2006-06-23 at 16:22 +0000, conor at discuskeeping.com wrote:
> Hey lads,
> 
> I have this customer who wishes to compile gcc4.11 (which is not a  
> part of RHEL3 / 4, but I believe slated for RHEL5. 4.x anyway.
> 
> Can anyone tell me whay there would be a need to do so? I cannot see one.
> Surely he would have to also re-compile glibc and stuff, non?


Here's the _user_ lecturing sysadmins and programmers about
compilers :-). Life is funny sometimes

Gcc-4.1 has many security minded features built in, notably SSP. 
Probably he's been reading and wants these.

The trick to hacking in many cases is a buffer overrun, which then
overwrites a the pointer area, and clever doing of that allows the
hacker to point at his own code, and he's in.

SSP prevents this in the kernel. If he compiles against your existing
glibc and kernel headers, and gets going, he will be able to get ssp
protection throughout. But only if he compiles throughout.It will be a
huge security leap forward but it is still _very_ rough

The bad news is, he can't have yum, or rpm, apt-get, or any of those,
because running 'yum update' brings him back to rhel spec. Nothing
works, because RHEL is compiled with a particular set of --sysconfdir=
--enable this --disable-that and he doesn't know what they are. Further,
it would be clever not to run make install in any compile, but rpm
build. And all the fancy things in RHEL would stop working like RHEL
should. Probably gcc-4.1 will not compile on the kernel headers in RHEL.

This is such an appalling vista under rhel that yopu're much better
throwing the distro out and going for HLFS (Hardened Linux From
Scratch). Tell him I'll build him one ;-). Then he's got a stripped down
system with none of the bells and whistles of RHEL. Fine for a sysadmin
minding a server that's ok, but for anyone trying to run multimedia it
is a pain.
-- 
        With Best Regards,

        Declan Moriarty.

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell