Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm somewhat new to linux, and have a good functioning knowledge, but dont want to do something stupid, so i'd rather asking a stupid question.
would 'apt-get autoremove make' be the proper command? It wants to remove about 30 or so packages. I don't want to lose anything i might need to run apache2 and similar packages (self-configured web server). Running Lenny.
The following packages were automatically installed and are no longer required:
libstdc++6-4.3-dev libuser-identity-perl intltool-debian libmime-types-perl
g++-4.3 po-debconf libfile-remove-perl g++ libmail-sendmail-perl gettext
libobject-realize-later-perl html2text libmail-box-perl
The following packages will be REMOVED:
build-essential debhelper dpkg-dev g++ g++-4.3 gettext html2text
intltool-debian libfile-remove-perl libmail-box-perl libmail-sendmail-perl
libmime-types-perl libobject-realize-later-perl libstdc++6-4.3-dev
libuser-identity-perl make po-debconf
0 upgraded, 0 newly installed, 17 to remove and 0 not upgraded.
After this operation, 34.9MB disk space will be freed.
Anyone can install a compiler in their own home. It's not necessary to have it in /usr/bin. So IMHO removing a compiler won't change the vulnerability.
Anyone can install a compiler in their own home. It's not necessary to have it in /usr/bin. So IMHO removing a compiler won't change the vulnerability.
I only have one user, and its me.. or does that not matter.
So, where is the vulnerability? When a hacker gains access to your machine (using your account) he can install a compiler on his own. A compiler laying around on the disk won't do any harm. I would see it more in the context of space, e.g. you have a netbook with a small SSD and want to save some space, then I would remove it. Otherwise it doesn't matter.
Great response, Reuti. Your thoughts on that mimic my own. What's pretty wild is that I was reading over some NIST standards 5 years ago and remember reading a recommendation that was similar to what the OP was trying to do. The recommendation was to remove any compilers from the system.
People tend to forget that once a machine is cracked and root access is gained, anything that isn't already installed can be added by the malicious user. Not only that, but a cracker can also bring his own binaries. So, if the system is cracked, the cracker can either reinstall the removed compiler(s) or introduce binaries that he/she compiled before ripping into the system. The latter scenario is probably the better option for the cracker, as compiling software can sometimes be rather 'noisy'. It's more difficult to be stealthy if you've to compile, especially if the compiling registers as a system resource hit that is substantial enough to attract system admin attention. A cracker that gains system access only to begin to noisily compile software probably isn't a good cracker. The better effort would be to continually monitor network entry and exit points and harden those points to the maximum extent.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.