In general, the prevailing wisdom on servers installs is that they should be as stripped-down as possible. There are a few motivations for this, but they don t really apply all that directly to your question about a compiler:
- Minimize resource usage. GCC might take up a little extra disk space, but probably not enough to matter - and it won t be running most of the time, so CPU/memory usage isn t a big concern.
- Minimize complexity. Building on your server might add a few more failure modes to your build process (if you build elsewhere, then at least you will notice something wrong before you go mess with your production server), but otherwise, it won t get in the way.
- Minimize attack surface. As others have pointed out, by the time an attacker can make use of a compiler, you re probably already screwed..
在我公司,如果汇编者安装在我们服务器上,我们一般不会过于谨慎,但出于某种不同的原因,我们也在我们的服务器上安装never<>>>>>>>> >pip。 我们不关心一揽子计划的建立,而是何时和如何下载。
我们当中特别幸运的是,在没有任何认证形式的情况下(无特别安全法,没有包裹签名,......) pip(而且很容易——install)将安装从PYPI的包裹。 此外,其中许多草原实际上在PYPI上任;管道和轻松接线。 因此,这里有两个问题:
- If pypi - or any of the other sites on which your dependencies are hosted - goes down, then your build process will fail
- If an attacker somehow manages to perform a man-in-the-middle attack against your server as it s attempting to download a dependency package, then he ll be able to insert malicious code into the download
因此,当我们首先增加依赖性时,我们就下载一揽子计划,尽最大努力确保来源是真实的(这并非无proof可击),并将它们纳入我们自己的版本控制系统。 我们确实在一个单独的建筑服务器上建立我们的一揽子计划,但这一点并不重要;我们只是认为,建立一个我们能够迅速部署到多种情况的双双轨一揽子计划是有益的。
