I got in to a discussion about which server to recommend for running
the php5 symfony framework, and I recommended Gentoo as I had been
using it my self for a couple of years and have been very satisfied
with it.
Somebody pointed out that having a productions server with a gcc
installed was a big no no security wise, so I did a bit of goggling on
that topic and found a couple of articles supporting that view.
Maybe I'm just ill informed, but I can't really see the big problem
here. Sure if there is a gcc compiler installed you can recompile
everything to your hearts content, but you still need to get access to
the server first. And if you have server access you can install gcc on
any distribution. Even openbsd (to my knowledge) comes with gcc
bundled and they claim to be the most secure *nix available.
Im using the gentoo hardened profile for my production servers with a
lamp stack and have considered them reasonably secure, but am I wrong
in assuming this?
Joe
