- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Is there a way of restricting the access of compil...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-09-2018 10:31 AM
тАО10-09-2018 10:31 AM
Is there a way of restricting the access of compilers to only root users? (in my case it's cc).
Hello to all.
I have a quick question regarding the cc compilers I see I have on my old HP-UX machines (11.23 and 11.31). I was just told that I should "restrict" the access for compilers just to root, I checked and I was able to compile a hello world! program, so I was trying to find out if there's a way of restricting this other than just chamod 700 to the cc?
dalhda50:/root# type cc
cc is a tracked alias for /usr/bin/cc
dalhda50:/root# ls -ld /usr/bin/cc
lrwxr-xr-t 1 root sys 15 Jun 22 2010 /usr/bin/cc -> /usr/ccs/bin/cc
Thank you very much.
Regards,
Gustavo.-
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-09-2018 11:07 AM - edited тАО10-09-2018 11:49 AM
тАО10-09-2018 11:07 AM - edited тАО10-09-2018 11:49 AM
Re: Is there a way of restricting the access of compilers to only root users? (in my case it's cc).
Yes, you could use "chmod og-rx /usr/ccs/bin/cc_bundled" to prevent access.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-09-2018 11:31 AM
тАО10-09-2018 11:31 AM
Re: Is there a way of restricting the access of compilers to only root users? (in my case it's cc).
Hi, thanks for the answer. Yes I already did that:
$ ls -ld /usr/ccs/bin/cc
lrwxr-xr-x 1 bin bin 12 Jun 22 2010 /usr/ccs/bin/cc -> ./cc_bundled
$ ls -ld /usr/ccs/bin/cc_bundled
-rwx------ 1 bin bin 400852 Mar 26 2004 /usr/ccs/bin/cc_bundled
$ cc -V
ksh: cc: cannot execute
$ cc hello_world.c -o hello_world.exe
ksh: cc: cannot execute
Doesn't work as regular user ID.
I was trying to see if there wasn't any other ways other than chmod, but I guess this could work.
Regards,
Gustavo.-
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-09-2018 01:29 PM - edited тАО10-09-2018 01:29 PM
тАО10-09-2018 01:29 PM - edited тАО10-09-2018 01:29 PM
Re: Is there a way of restricting the access of compilers to only root users? (in my case it's cc).
> I was trying to see if there wasn't any other ways other than chmod,
> [...]
man setacl
If "root" is to be the only allowed user, then setacl may do no more
for you than chmod. (But, if you _really_ hate chmod, ...)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-10-2018 06:11 AM
тАО10-10-2018 06:11 AM
Re: Is there a way of restricting the access of compilers to only root users? (in my case it's cc).
Hi, thanks for answering. I do not have problems with chmod, I just wanted to know if there were another way, the same way you can add users to /etc/ftpusers to not allow them to use ftp.
Best regards.
Gustavo.-
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-14-2018 09:35 PM
тАО10-14-2018 09:35 PM
Re: Is there a way of restricting the access of compilers to only root users? (in my case it's cc).
> the same way you can add users to /etc/ftpusers to not allow them to use ftp.
No, using the compiler is not usually a security issue.
And the bundled C compiler is not for development.