From owner-freebsd-arch@freebsd.org Tue Jun 20 10:25:48 2017 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6FD56D94C55 for ; Tue, 20 Jun 2017 10:25:48 +0000 (UTC) (envelope-from jlehen@gmail.com) Received: from mail-qt0-x232.google.com (mail-qt0-x232.google.com [IPv6:2607:f8b0:400d:c0d::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2D8757C03F for ; Tue, 20 Jun 2017 10:25:48 +0000 (UTC) (envelope-from jlehen@gmail.com) Received: by mail-qt0-x232.google.com with SMTP id u19so129934517qta.3 for ; Tue, 20 Jun 2017 03:25:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:from:date:message-id:subject:to; bh=Z29xB8qBgUbTRFlfmlDRaxLb0Y4EUurNSK4d7lnZpr8=; b=OBMtosYrlw+JzB++V9ZZAWtoVIuzyj6DunZ7c250iV0iFS73AhFJHKSKu4kBG9theN 0/wsZ6OfFVcRN/j65d2gNwpkF15rpv39R8IBnE4tR4jHDgWJP7/yXuDwNKPXdG6JcBGx vA7IoSvzhEMXnvHrD7IKqTSVm0pvaCzO4Gq4kiPw5kAMD9V6EOt+xM+JzeZ0N9V8a+M1 M7uV+Pfz5fPfnYL+Un2bYEljTDF1rQchXamY2Jju/HscJlarRpMoC171nzazJ4bBcOOh gMvnS85vwsy4cO54EOBZIrpz5FlAvFwGURFYFwmAp3rX64Ywty5T8d/Xz48KabhmJcPB czQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=Z29xB8qBgUbTRFlfmlDRaxLb0Y4EUurNSK4d7lnZpr8=; b=lPVe9nlZvj1dV7BYJqiOCmlUz2RqRVx2QqdgmG23LSbx0lMxYa4seM50eGDdMp1kQ6 2ZXT5x7w1s8RrJjR7hrqLvfzOZqVeU8g9nO85bNYLtvUEvoEW/Kap8toD9xwICUcl256 fKDJec6xwFPMNffsbhedCwnwlIpV48MVpCa3tQvO8GbHsMGNnLvKUw3piUbM7TPfS6nD OW57NI59vo1EbjVPWgPAalsMWApuIR5VLd/B1rkZPPzHBXfIfXzQc4MP7BLB6HwwVGJ/ jlh6Wcl39pAZCZu8qn8KF0vvp/zrtTKgrmr/7rttg9UzSwEHBs03sAxHhJrEWKFMakOl 56Lw== X-Gm-Message-State: AKS2vOyPyEvM3TAXuwUWFb1OOiEJ697SVPr3no/1jpSAc4r8j3uI+Ecj OEQFtSiioa7NwstKW7P7BrhVy5kCg8PE6NM= X-Received: by 10.200.35.231 with SMTP id r36mr33218415qtr.167.1497954347124; Tue, 20 Jun 2017 03:25:47 -0700 (PDT) MIME-Version: 1.0 Sender: jlehen@gmail.com Received: by 10.12.181.46 with HTTP; Tue, 20 Jun 2017 03:25:46 -0700 (PDT) From: Jeremie Le Hen Date: Tue, 20 Jun 2017 12:25:46 +0200 X-Google-Sender-Auth: VcL_lMTpnnfVUV0tOKgTxu2qcPw Message-ID: Subject: rtools were deemed almost unused 15 years ago... To: freebsd-arch@freebsd.org Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 10:25:48 -0000 Hey folks, I remember when I was still barely out of my teenagehood, people were mostly using ssh/scp while rtools (rsh, rlogin, ... for the youngsters) were left in place as a courtesy for legacy production systems still relying it on them. Fast forward to 2017 (so yes, 15 years later), stack-clash [1] sorely reminds us that suid binaries are an attack surface. I don't even need to mention that it's a healthy engineering practice to remove unused code, both from a maintenance and security perspective. Therefore, I hereby propose to remove rtools from the base system. I acknowledge this will likely cause troubles for a handful of people who are still relying on it for good or bad reasons. But the flipside is that the attack surface of millions of FreeBSD installed out there will be reduced. The proposed roadmap is: - disable from the build on head and let it soak for one month - remove rtools from the base. What do you guys think? Any preferred color for the bikeshed? :) [1] https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt -- Jeremie Le Hen jlh@FreeBSD.org