Pascal Terjan wrote:

>On 9/23/05, mathew <meta / pobox.com> wrote:
>
>>I'm fascinated by the idea that a C compiler is a uniquely dangerous
>>vector for exploits.
>>
>>If you have Ruby and Perl on a system, you already have everything you
>>need to carry out most exploits. And if the hacker really needs a C
>>compiler--I dunno, maybe there are lots of hackers out there who don't
>>have C compilers on their machines--he can simply download one.
>
>I _saw_ a lot of Linux/UNIX worms downloading themselves using a flaw
>in some php app and then running gcc on the .c file. I saw one place
>where it worked because there was gcc and a lot of places where it did
>not work because gcc was not there...

Then simply rename your C compiler... That way you can keep it around, 
and still not have badly written worms run.

apt-get install foo --with-compiler /usr/bin/sekritcc


mathew
[ Ha ha, only serious... ]
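
An added detection sketch for the behaviour discussed in this thread (not part of either poster's message): it flags compile-on-target activity by a web service account, including when the compiler has been renamed as suggested above. The log format, account names, directory list and compiler list are assumptions made for the example.

```python
import shlex
from pathlib import PurePosixPath

# Assumptions for this sketch: service accounts and compiler names are site-specific.
SERVICE_USERS = {"www-data", "apache", "nobody"}
COMPILER_NAMES = {"gcc", "cc", "g++", "clang", "tcc"}
WRITABLE_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")
SOURCE_SUFFIXES = {".c", ".cc", ".cpp"}

# Constructed exec records (simplified key=value format, not real auditd output).
SAMPLE_LOG = """\
user=www-data exe=/usr/bin/gcc argv="gcc /tmp/.w/a.c -o /tmp/.w/a"
user=alice exe=/usr/bin/gcc argv="gcc -O2 -c main.c"
user=www-data exe=/usr/bin/sekritcc argv="sekritcc /var/tmp/k.c -o /var/tmp/k"
user=www-data exe=/usr/bin/php argv="php index.php"
"""

def parse_record(line):
    """Split one key=value record; shlex keeps the quoted argv together."""
    return dict(tok.split("=", 1) for tok in shlex.split(line))

def classify(rec):
    """Return a reason string if the exec looks like compile-on-target, else None."""
    if rec["user"] not in SERVICE_USERS:
        return None
    args = shlex.split(rec["argv"])[1:]
    if PurePosixPath(rec["exe"]).name in COMPILER_NAMES:
        return "known compiler run by service account"
    # Name-independent check: still fires if the compiler binary was renamed.
    staged = [a for a in args
              if a.startswith(WRITABLE_DIRS) and PurePosixPath(a).suffix in SOURCE_SUFFIXES]
    if staged and "-o" in args:
        return "source file in world-writable dir compiled by service account"
    return None

def scan(log_text):
    """Return (exe, reason) for every record that classify() flags."""
    hits = []
    for line in log_text.splitlines():
        if line.strip():
            rec = parse_record(line)
            reason = classify(rec)
            if reason:
                hits.append((rec["exe"], reason))
    return hits

if __name__ == "__main__":
    for exe, reason in scan(SAMPLE_LOG):
        print(f"ALERT {exe}: {reason}")
```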