Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
Re: [suse-security] Minimum number of packages
  • From: Holger Schletz <h.schletz@xxxxxxxxx>
  • Date: Sun, 7 Mar 2004 12:59:33 +0100
  • Message-id: <200403071259.33480.h.schletz@xxxxxxxxx>
Hi,

> If an account gets compromised, the attacker could just copy any binary
> from remote he wants to have. An attacker compiling the binaries on the
> remote system would be a really stupid attacker anyway.

This is exactly what the Slapper worm did, and it was not stupid. A
precompiled binary would have been bound to a specific system architecture,
UNIX and dialect, maybe even distro and version. For automated attacks like
these, compiling a C soure file on the target system gains flexibility, thus
increasing the damage by being able to spread among much more systems.

Thus, the presence of a C compiler (and other software development tools) on a
public server IS a possible risk.

Regards,
Holger


< Previous Next >