Date: Wed, 23 May 2007 17:46:59 -0700 From: Colin Percival <cperciva@freebsd.org> To: Poul-Henning Kamp <phk@phk.freebsd.dk> Cc: "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org> Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system Message-ID: <4654E083.10807@freebsd.org> In-Reply-To: <7158.1179947572@critter.freebsd.dk> References: <7158.1179947572@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
Poul-Henning Kamp wrote: > In message <46546E16.9070707@freebsd.org>, Colin Percival writes: >> I'd like to remove file(1) and libmagic(3) from the FreeBSD base system >> for the following reasons: > > One mitigating option would be to open the magic file and input > and sequester the file process in a jail. Last time I checked, unprivileged processes couldn't jail themselves. We could make file(1) setuid root and use a privilege separation approach, but I'm not convinced that would be a net win. Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4654E083.10807>