Installation of a compiler on production web server is prohibited

An XCCDF Rule

Details
Profiles
Prose

Description

The presence of a compiler on a production server facilitates the malicious user's task of creating custom versions of programs and installing Trojan Horses or viruses.

Rationale

An attacker's code could be uploaded and compiled on the server under attack.

ID: xccdf_org.ssgproject.content_rule_httpd_no_compilers_in_prod
Severity: Medium
References: WG080
Updated: about 1 year ago