David Terrell wrote:
On Thu, Aug 24, 2006 at 12:38:26PM -0700, Nick Shank wrote:
Through all of this, and maybe I've just missed it, what happens when a
user tries to make spl01t.c?
stop it, please, you're killing me.
There is nothing special about your machine that makes binaries compiled
somewhere else not be able to use exploits against it. Removing the
compiler does not hurt any serious attacker. If you really care about
defending your machine against idiots who can't figure out how to compile
an exploit on another machine, well, congratulations, you're already
running OpenBSD.
Earth to Dave, Earth to Dave, there's another soap-box over on 42nd &
Main...
Erm, right...
Regardless, I was simply asking if 1) The possibility of a user who has
access to the system had been thought of, and 2) Would it matter.
Yes, I install the compXX package. Why? It's convinient. Is it
exploitable? Sure, why not. Do I care? No, not really.
And please, reply just to the list, and not to me directly...
