Closed ghost closed 10 years ago
I don't think this is a security issue (freepto is a really "standard" debian system, so it's very easy for anyone to compile for that system), but is true that we don't need build-essentials.
Any clue on why it is installed (ie: aptitude why build-essential
)? I think it is not explicitly asked.
here it is: http://dev.freepto.mx/dev/boyska+143-compiler/140922_11.40_v.1beta1-1-g11aca55-it/
this still installs cpp (required by x11-server-utils
, namely xrdb
), but most of other dev tools are not present anymore. Simple checks are
dpkg -l | grep -- -dev
dpkg -l | grep build-ess
dpkg -l | grep gcc
cpp should be present due to this bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749646#10
so, probably it will be removed automatically in the future when the dependency will removed in the package.
I will test it
That dependency is not going to be removed: it is expected
oh right, they are talking about x11-apps.
Tested. the patch is working.
Currently gcc and build-essential are installed on Freepto, these packages should be removed.
This can decrease the chance of customized trojans, backdoors and rootkits to be compiled and installed.