From owner-freebsd-arch@FreeBSD.ORG Wed May 23 22:12:28 2007 Return-Path: X-Original-To: freebsd-arch@freebsd.org Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B430C16A421 for ; Wed, 23 May 2007 22:12:28 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from harmony.bsdimp.com (bsdimp.com [199.45.160.85]) by mx1.freebsd.org (Postfix) with ESMTP id 71CA213C46A for ; Wed, 23 May 2007 22:12:28 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from localhost (localhost [127.0.0.1]) by harmony.bsdimp.com (8.13.8/8.13.4) with ESMTP id l4NMAPhh078786; Wed, 23 May 2007 16:10:25 -0600 (MDT) (envelope-from imp@bsdimp.com) Date: Wed, 23 May 2007 16:10:38 -0600 (MDT) Message-Id: <20070523.161038.-1989860747.imp@bsdimp.com> To: roberto@keltia.freenix.fr From: "M. Warner Losh" In-Reply-To: <20070523213251.GA14733@keltia.freenix.fr> References: <46546E16.9070707@freebsd.org> <7158.1179947572@critter.freebsd.dk> <20070523213251.GA14733@keltia.freenix.fr> X-Mailer: Mew version 4.2 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0 (harmony.bsdimp.com [127.0.0.1]); Wed, 23 May 2007 16:10:25 -0600 (MDT) Cc: freebsd-arch@freebsd.org Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 May 2007 22:12:28 -0000 In message: <20070523213251.GA14733@keltia.freenix.fr> Ollivier Robert writes: : According to Poul-Henning Kamp: : > On this I would tend to disagree strongly. The ability to identify : > random files have been a key component of UNIX for many years and : > I think people would be significantly surprised if we stopped : > providing it. : : Agreed, take this message as a strong no from myself as well. I would argue that it would make the system LESS secure, because one loses the ability to identify files on the system. People are going to install it anyway, and it is a jump ball as to whether having it in the base system would cause vulnerabilities to be updated faster than having it in ports (both the actual update in the system, as well as the user causing the update to happen: ports are a touch easier to update, but lag a bit both in terms of people updating their ports tree and ports committers updating the port). And for there to be any exploitable vulnerability, the attacker would need to feed the victum a bogusly formatted file, and cause the victum to run file on that file. I doubt that the latest security hole will ever result in a system compromise... I guess I fail to see how this is any different than the .gz bugs that were found a while ago. Nobody suggested removing .gz from the tree because a few bugs were found. Everybody suggested updating right away to fix those bugs. File is no different, and really should remain in the tree. In short: this is a silly idea. Don't do it. Warner