compilers:restrict_access_to_compilers
This is an old revision of the document!
Compilers - Restrict Access to Compilers
Add a compiler group
Issue the following command:
sudo /usr/sbin/groupadd compiler
…and issue the following commands:
sudo chgrp compiler *cc* sudo chgrp compiler *++* sudo chgrp compiler ld sudo chgrp compiler as
…and set permissions:
sudo chmod 750 *cc* sudo chmod 750 *++* sudo chmod 750 ld sudo chmod 750 as
Redhat
Show files provided by the gcc package:
rpm -q --filesbypkg gcc | grep 'bin'
returns
gcc /usr/bin/c89 gcc /usr/bin/c99 gcc /usr/bin/cc gcc /usr/bin/gcc gcc /usr/bin/gcov ... <code> The **grep** selects files contained in the binary directories, /bin, /usr/bin, and /usr/sbin, etc. Create a group that will access the compiler-binaries: <code bash> groupadd compilers
Change ownership of the binary you want to restrict:
chown root:compilers /usr/bin/gcc
Change permissions to be executable only by root and members of the compilers group:
chmod 0750 /usr/bin/gcc
compilers/restrict_access_to_compilers.1485771991.txt.gz · Last modified: 2020/07/15 09:30 (external edit)