FreeBSD Today (modular devel tools? or what was it again?)

[Mike Hoskins]

Daniela wrote:
> What??? Remove the compiler for better security???

a lot of traditional security checklists have suggested "removing 
anything not absolutely necessary" when "hardening" machines.  the idea 
is usually to make things as "hard as possible" for would-be attackers 
(as long as the changes are easy to manage, and removing/changing some 
subset of standard tools is certainly easy/scritable).  many of the 
security measures put into place can often be worked around...  it's by 
layering various approaches and making attacks hard for all but the 
(in)famous "determined attacker" that significant security is gained.

in short, i don't currently do this on my boxes (although i have 
stripped a number of other "standard" binaries on firewall appliance 
machines before, using cfengine to regularly verify/enforce their 
removal...  the same with removing SUID/SGID bits on utils i never use), 
but there is some arguable amount of "security relevance"...  about the 
same as getting a car alarm...  which any real thief can easily bypass.

i also originally assumed anyone taking the time to write "compiler 
removal" into their security policies would have done enough auditing 
and analysis to understand what they were trying to gain (who does 
something like this ad-hoc?  no one who plans to keep thier job.), and 
what other systemic tidbits may cause similar "problems".  (having a hex 
editor lying around probably wouldn't be in line with that thought. ;)