topic Re: How to ensure Source code is not install. in Operating System - Linux

How to ensure Source code is not install.

varian_1 — Tue, 12 Apr 2005 07:17:49 GMT

Hi,

How can I ensure that in my Linux installation (Red Hat any version) source code is not installed. This is the condition my client has given me that none of our software devlopment engineer should able to access the Linux source code.

Thanks in advance.

Walter

Re: How to ensure Source code is not install.

Chakravarthi — Tue, 12 Apr 2005 07:31:25 GMT

check /usr/src/linux folder, i guess this is where the kernel source will be installed

Re: How to ensure Source code is not install.

Eric van Dijken — Tue, 12 Apr 2005 07:33:57 GMT

Its not quite clear to me what you really mean, but Linux is Open Source.... Anyone can get access to the Linux source code.

On the other hand;
If you have a custom application/driver that the developer builds for you. Your best bet is to keep the machine private. As in don't give your software development engineers access to that machine. You may even go as far as not connect the machine to a network/LAN. And only permit console access to the machine. Or even better place the complete machine in a vault. So that if you have access to the vault (which may require two different keys, iris scans, etc.) only then you can access the machine.

Its very hard to keep things secure/private when you give them access to the machine.

Re: How to ensure Source code is not install.

varian_1 — Tue, 12 Apr 2005 07:48:10 GMT

Hi,

My S/W development team will be working on this Linux servers & machine will be on the network with full access to project team. But the condition is that the devlopment team should not access Linux source code. To achive this condition I have to ensure that no linux source code is installed on Linux servers while OS installation or else I need to uninstall the Linux source code after OS installation.
Please tell me how I can do this.

Thanks for your prompt replies.
Regards
Walter

Re: How to ensure Source code is not install.

Stuart Browne — Tue, 12 Apr 2005 07:54:15 GMT

If you mean the kernel source where you say 'Linux source code', then just make sure the 'kernel-source' package is not installed.

If it is, just 'rpm -e kernel-source'.

By default, it installs to '/usr/src/linux-2.x' (where 'x' is either 4 or 6 depending on RH[789]/RHES3/Fedora[12] or RHES4/Fedora[34] respectivly).

If it's installed on a HP ML/DL/BL server though, you will need to be careful, as when you do a kernel update, the RAID controller and monitoring drivers will need to be rebuilt with the help of the kernel-source.

Re: How to ensure Source code is not install.

Eric van Dijken — Tue, 12 Apr 2005 08:01:52 GMT

And what would keep them from "reinstalling" the kernel source in an other place?

But anyways (from my RHES3 server):

# rpm -qa | grep kernel-source
kernel-source-2.4.21-27.EL
# rpm -e kernel-source-2.4.21-27.EL

This should do the trick.

Re: How to ensure Source code is not install.

Chakravarthi — Tue, 12 Apr 2005 08:18:46 GMT

remove the source rpm

Re: How to ensure Source code is not install.

Vitaly Karasik_1 — Tue, 12 Apr 2005 09:29:17 GMT

In redhat [suse, mandrake, other rpm-based distros] you should not install .src.rpm and kernel-source.rpm packages.

In redhat you can delete sources by erazing /usr/src/linux-2.4 and /usr/src/redhat/SOURCES directories.

Re: How to ensure Source code is not install.

Dave Falloon — Tue, 12 Apr 2005 10:23:57 GMT

I think what he means is that they don't want to taint their developed code by stealing open source code and integrating it into their closed product. GPL requires software that uses open source code to be public, which destroys the business of selling that product, well not really but thats the way marketing people see it.

What you are looking for is a code grinder that compares source files for commonalities, ie. stolen lines of code.

http://www.google.ca/search?q=source+code+comparison+tool

Lots to choose from.

--Dave