From owner-freebsd-arch@FreeBSD.ORG Wed May 23 23:27:05 2007 Return-Path: X-Original-To: freebsd-arch@FreeBSD.org Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9D4D216A41F for ; Wed, 23 May 2007 23:27:05 +0000 (UTC) (envelope-from gad@FreeBSD.org) Received: from smtp7.server.rpi.edu (smtp7.server.rpi.edu [128.113.2.227]) by mx1.freebsd.org (Postfix) with ESMTP id 680E413C4C1 for ; Wed, 23 May 2007 23:27:05 +0000 (UTC) (envelope-from gad@FreeBSD.org) Received: from [128.113.24.47] (gilead.netel.rpi.edu [128.113.24.47]) by smtp7.server.rpi.edu (8.13.1/8.13.1) with ESMTP id l4NMQvhM004666; Wed, 23 May 2007 18:26:58 -0400 Mime-Version: 1.0 Message-Id: In-Reply-To: <7158.1179947572@critter.freebsd.dk> References: <7158.1179947572@critter.freebsd.dk> Date: Wed, 23 May 2007 18:26:56 -0400 To: Colin Percival From: Garance A Drosehn Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-RPI-SA-Score: undef - spam scanning disabled X-CanItPRO-Stream: default X-Canit-Stats-ID: Bayes signature not available X-Scanned-By: CanIt (www . roaringpenguin . com) on 128.113.2.227 Cc: freebsd-arch@FreeBSD.org Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 May 2007 23:27:05 -0000 At 7:12 PM +0000 5/23/07, Poul-Henning Kamp wrote: >In message <46546E16.9070707@freebsd.org>, Colin Percival writes: >> FreeBSD architects and file(1) maintainer, >> > > I'd like to remove file(1) and libmagic(3) from the FreeBSD base > > system for the following reasons: > > > > 1. I don't see it as being a necessary component of a UNIX-like > > operating system. > >On this I would tend to disagree strongly. The ability to identify >random files have been a key component of UNIX for many years and >I think people would be significantly surprised if we stopped >providing it. I concur with PHK. There has been a 'file' command on every unix system I have used in the past 15 (or more) years. If FreeBSD removes the file(1) command, almost every sysadmin will simply install it from ports. The file(1) command does not run as a daemon, it is not setuid or setgid, and has no special access to any information which must be kept secure (such as /etc/passwd). I don't see why we would single out that command based on one buffer overflow. I realize that every security advisory involves a lot of rush work on the part of the security team, but I don't think that file(1) has been guilty often enough for us to consider removing it. And I think removing it for *security* reasons is particularly pointless when we know that every unix sysadmin is just going to install it from ports if it was not in the base system. Mark me as a strong vote against removing it from the base system. If we really think that file(1) command is a serious security problem, then we should do things to limit the damage it can do. Moving it into an always-installed port will not improve security (IMO). -- Garance Alistair Drosehn = drosehn@rpi.edu Senior Systems Programmer or gad@FreeBSD.org Rensselaer Polytechnic Institute; Troy, NY; USA