I've been reading through a few general security guides for Linux.

Quite a few of them have stated that it's a good habit to completely remove compilers from your system once your system is up and running and to only re-install them when you need to upgrade/recompile something.

While I do understand that it gives intruders less tools to use for attacks against your system, it definitely seems like the biggest pain having to install/remove compilers for each and every update you get (assuming they aren't on the same day).

My question is: how practical is this and how exactly could I go about setting up a script to automatically uninstall (when I don't need them) and re-install (when I do need them)?

Do many of you actively practice this method?

That sounds like paranoid nonesense to me. Perhaps if you're running a server that needs to be ultra secure, that might make sense, but for the average home computer user that's going way to far.

Definately production server specs. For home/dev boxen this is gonna be insane. If you wanna shield it, focus on measures that restrict compiler/dev tool access (to a group).

Chances are you are going to need to compile some programs here and there.. so removing all your compilers would not be a wise choice.