Unix best practices WRT security often mention removing compilers, esp. from systems that sit in a DMZ. What is the FreeBSD community's stance on this? I do most of my package management with the ports system, removing compilers would significantly alter the way I manage the hosts. How about chmod 700 things like gcc? Would that increase the overall security posture without breaking anything? Thoughts?