Date: Wed, 23 May 2007 17:23:25 -0400 From: David Schultz <das@FreeBSD.ORG> To: Colin Percival <cperciva@FreeBSD.ORG> Cc: "freebsd-arch@freebsd.org" <freebsd-arch@FreeBSD.ORG> Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system Message-ID: <20070523212325.GA3022@VARK.MIT.EDU> In-Reply-To: <46546E16.9070707@freebsd.org> References: <46546E16.9070707@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 23, 2007, Colin Percival wrote: > Can anyone make a strong argument for keeping this code in the base system? Removing it from the base system would merely amount to a marketing ploy, wherein we get to say that FreeBSD has fewer security holes because file(1) is a "third-party package". Doing so wouldn't make FreeBSD installations any more secure in practice. Virtually everyone would have to install file(1) anyway, and those who didn't wouldn't care about security holes in it anyway. In fact, removing it from the base system could make FreeBSD's file(1) less secure because developing and disseminating patches for holes in ports is a lower priority than patching holes in the base system.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070523212325.GA3022>