From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1HqLtp-0000QF-ES for garchives@archives.gentoo.org; Tue, 22 May 2007 04:23:05 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l4M4MVEE023510; Tue, 22 May 2007 04:22:31 GMT Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.180]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l4M4KaHY021227 for ; Tue, 22 May 2007 04:20:36 GMT Received: by py-out-1112.google.com with SMTP id a73so523802pye for ; Mon, 21 May 2007 21:20:35 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:references:x-google-sender-auth; b=dPnL5gwBlugNMxwXiWl7Zxnitc+ALqFGL1k/IqrFaECIt3FzVuuV1fv5hNJM7JPklw0udoKYef78Ic1zCXELSfv42wIBRG0jT2mvM3J5KCKD4yLexIlKR9Ud2v5+OwjtDdHbW2z5moIYMUxSWGpqAhbIcD+ofYFMSrfyz5m/xPw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:references:x-google-sender-auth; b=YHvUIdCQQc/ovdBdPW7keIgRWhKwjdmiQdDLcJwiqo4EMmVWQe7pRbd0X1y08JbvXxGCvylrvb+NFntZbSWpZJSfN4hlneweVj/yYU4vYNqWytFPqPc64yHt4y8nuq9QrCXJYF87wYJ1sq9A3sqXVK4hDIM48IliqJd/41/DFh8= Received: by 10.35.128.17 with SMTP id f17mr10024099pyn.1179807635218; Mon, 21 May 2007 21:20:35 -0700 (PDT) Received: by 10.100.48.16 with HTTP; Mon, 21 May 2007 21:19:40 -0700 (PDT) Message-ID: <13f8141f0705212119v5178518r872ceded8b05431d@mail.gmail.com> Date: Tue, 22 May 2007 14:19:40 +1000 From: "Justin Cataldo" Sender: justincataldo.com@gmail.com To: gentoo-server@lists.gentoo.org Subject: Re: [gentoo-server] Best practices in managing large server groups In-Reply-To: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@gentoo.org Reply-to: gentoo-server@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_160562_2054765.1179807580948" References: <4650937E.80301@spamcop.net> <4650BCC7.60909@vanalteren.nl> <200705211544.10900.bangert@gentoo.org> <4651AE78.3060705@buanzo.com.ar> X-Google-Sender-Auth: b798035d173c5e60 X-Archives-Salt: 4b19d95e-1972-4608-bd43-516e96fd2da7 X-Archives-Hash: 854b7ffc10cd554de258dad69d932eeb ------=_Part_160562_2054765.1179807580948 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline >Back to the original question. How do I run a number of gentoo boxes >without gcc (or a portage tree)? This all sounds way over my head, but anyway... could distcc be the answer? http://www.gentoo.org/doc/en/distcc.xml JC On 5/22/07, Ronan Mullally wrote: > > On Mon, 21 May 2007, Arturo 'Buanzo' Busleiman wrote: > > > But, of course, if they got access to the box, then the compiler is the > > least of your problems at that time, but I have to admit that the > > "slowing the attacker down" is an extra layer of protection. It provides > > the sysadmins/users/monitoring software more time to detect the breach. > > Removing development tools is one of just a range of security measures. > It is by no means the be-all and end-all of security - hence my mention of > security in depth. There are easily a couple of dozen security measures I > implement when installing a box. Removing development tools (or in most > cases, never installing them) is just one of them, but we diverge... > > Back to the original question. How do I run a number of gentoo boxes > without gcc (or a portage tree)? > > > -Ronan > -- > gentoo-server@gentoo.org mailing list > > ------=_Part_160562_2054765.1179807580948 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline >Back to the original question.  How do I run a number of gentoo boxes
>without gcc (or a portage tree)?

This all sounds way over my head, but anyway... could distcc be the answer?

http://www.gentoo.org/doc/en/distcc.xml

JC

On 5/22/07, Ronan Mullally <ronan@iol.ie> wrote:
On Mon, 21 May 2007, Arturo 'Buanzo' Busleiman wrote:

> But, of course, if they got access to the box, then the compiler is the
> least of your problems at that time, but I have to admit that the
> "slowing the attacker down" is an extra layer of protection. It provides
> the sysadmins/users/monitoring software more time to detect the breach.

Removing development tools is one of just a range of security measures.
It is by no means the be-all and end-all of security - hence my mention of
security in depth.  There are easily a couple of dozen security measures I
implement when installing a box.  Removing development tools (or in most
cases, never installing them) is just one of them, but we diverge...

Back to the original question.  How do I run a number of gentoo boxes
without gcc (or a portage tree)?


-Ronan
--
gentoo-server@gentoo.org mailing list


------=_Part_160562_2054765.1179807580948-- -- gentoo-server@gentoo.org mailing list