Date: Wed, 23 May 2007 23:21:55 -0700 From: "David O'Brien" <obrien@freebsd.org> To: Colin Percival <cperciva@freebsd.org> Cc: "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org> Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system Message-ID: <20070524062155.GA39887@dragon.NUXI.org> In-Reply-To: <46546E16.9070707@freebsd.org> References: <46546E16.9070707@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 23, 2007 at 09:38:46AM -0700, Colin Percival wrote: > FreeBSD architects and file(1) maintainer, > > I'd like to remove file(1) and libmagic(3) from the FreeBSD base system > for the following reasons: > 1. I don't see it as being a necessary component of a UNIX-like operating > system. All I can say is "Wow - mind blowing". I do find it one of the essential components of a Unix system. > 2. It's available in the ports tree. So are many of things in /usr/bin > 3. Due to its nature as a program which parses multiple data formats, it > poses an unusually high risk of having security problems in the future > (cf. ethereal/wireshark). I think that is a stretch - so many utilities in the base system parse its input (just another word for processing input) > The one redeeming feature of file/libmagic as far as security is concerned > is that it doesn't act as a daemon, i.e., other code or user intervention > is required for an attacker to exploit security issues. And I think that is sufficient to make this idea a little over the top. thanks, -- -- David (obrien@FreeBSD.org) Q: Because it reverses the logical flow of conversation. A: Why is top-posting (putting a reply at the top of the message) frowned upon? Let's not play "Jeopardy-style quoting"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070524062155.GA39887>