Differences

This shows you the differences between two versions of the page.

--- compilers:restrict_access_to_compilers [2017/01/30 10:26] – peter
+++ compilers:restrict_access_to_compilers [2019/11/26 22:01] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== Compilers - Restrict Access to Compilers ======
-Add a compiler group
-Issue the following command:
-<code bash>
-sudo /usr/sbin/groupadd compiler
-</code>
-…and issue the following commands:
-<code bash>
-sudo chgrp compiler *cc*
-sudo chgrp compiler *++*
-sudo chgrp compiler ld
-sudo chgrp compiler as
-</code>
-…and set permissions:
-<code bash>
-sudo chmod 750 *cc*
-sudo chmod 750 *++*
-sudo chmod 750 ld
-sudo chmod 750 as
-</code>
-===== Redhat =====
-Show files provided by the gcc package:
-<code bash>
-rpm -q --filesbypkg gcc | grep 'bin'
-</code>
-returns
-<code>
-gcc                       /usr/bin/c89
-gcc                       /usr/bin/c99
-gcc                       /usr/bin/cc
-gcc                       /usr/bin/gcc
-gcc                       /usr/bin/gcov
-...
-</code>
-The **grep** selects files contained in the binary directories, /bin, /usr/bin, and /usr/sbin, etc.
-Create a group that will access the compiler-binaries:
-<code bash>
-groupadd compilers
-</code>
-Change ownership of the binary you want to restrict:
-<code bash>
-chown root:compilers /usr/bin/gcc
-</code>
-Change permissions to be executable only by root and members of the compilers group:
-<code bash>
-chmod 0750 /usr/bin/gcc
-</code>