From owner-freebsd-arch@FreeBSD.ORG Thu May 24 07:00:37 2007 Return-Path: X-Original-To: freebsd-arch@freebsd.org Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E979F16A400 for ; Thu, 24 May 2007 07:00:37 +0000 (UTC) (envelope-from obrien@NUXI.org) Received: from dragon.NUXI.org (trang.nuxi.org [64.81.59.225]) by mx1.freebsd.org (Postfix) with ESMTP id C428F13C44C for ; Thu, 24 May 2007 07:00:37 +0000 (UTC) (envelope-from obrien@NUXI.org) Received: from dragon.NUXI.org (obrien@localhost [127.0.0.1]) by dragon.NUXI.org (8.13.8/8.13.8) with ESMTP id l4O6Lu53040619; Wed, 23 May 2007 23:21:56 -0700 (PDT) (envelope-from obrien@dragon.NUXI.org) Received: (from obrien@localhost) by dragon.NUXI.org (8.14.1/8.13.7/Submit) id l4O6LuRw040612; Wed, 23 May 2007 23:21:56 -0700 (PDT) (envelope-from obrien) Date: Wed, 23 May 2007 23:21:55 -0700 From: "David O'Brien" To: Colin Percival Message-ID: <20070524062155.GA39887@dragon.NUXI.org> Mail-Followup-To: obrien@freebsd.org, Colin Percival , "freebsd-arch@freebsd.org" References: <46546E16.9070707@freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <46546E16.9070707@freebsd.org> X-Operating-System: FreeBSD 7.0-CURRENT Organization: The NUXI BSD Group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 User-Agent: Mutt/1.5.11 Cc: "freebsd-arch@freebsd.org" Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: obrien@freebsd.org List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2007 07:00:38 -0000 On Wed, May 23, 2007 at 09:38:46AM -0700, Colin Percival wrote: > FreeBSD architects and file(1) maintainer, > > I'd like to remove file(1) and libmagic(3) from the FreeBSD base system > for the following reasons: > 1. I don't see it as being a necessary component of a UNIX-like operating > system. All I can say is "Wow - mind blowing". I do find it one of the essential components of a Unix system. > 2. It's available in the ports tree. So are many of things in /usr/bin > 3. Due to its nature as a program which parses multiple data formats, it > poses an unusually high risk of having security problems in the future > (cf. ethereal/wireshark). I think that is a stretch - so many utilities in the base system parse its input (just another word for processing input) > The one redeeming feature of file/libmagic as far as security is concerned > is that it doesn't act as a daemon, i.e., other code or user intervention > is required for an attacker to exploit security issues. And I think that is sufficient to make this idea a little over the top. thanks, -- -- David (obrien@FreeBSD.org) Q: Because it reverses the logical flow of conversation. A: Why is top-posting (putting a reply at the top of the message) frowned upon? Let's not play "Jeopardy-style quoting"