From owner-freebsd-arch@FreeBSD.ORG Thu May 24 07:10:47 2007 Return-Path: X-Original-To: freebsd-arch@freebsd.org Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A3F0416A468 for ; Thu, 24 May 2007 07:10:47 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: from pd2mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.freebsd.org (Postfix) with ESMTP id 7D5DB13C480 for ; Thu, 24 May 2007 07:10:47 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: from pd4mr2so.prod.shaw.ca (pd4mr2so-qfe3.prod.shaw.ca [10.0.141.213]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0JIJ001ZKAM0P490@l-daemon> for freebsd-arch@freebsd.org; Thu, 24 May 2007 01:10:48 -0600 (MDT) Received: from pn2ml4so.prod.shaw.ca ([10.0.121.148]) by pd4mr2so.prod.shaw.ca (Sun Java System Messaging Server 6.2-7.05 (built Sep 5 2006)) with ESMTP id <0JIJ002F6AM06BW0@pd4mr2so.prod.shaw.ca> for freebsd-arch@freebsd.org; Thu, 24 May 2007 01:10:48 -0600 (MDT) Received: from hexahedron.daemonology.net ([24.82.18.31]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with SMTP id <0JIJ00IYIALYXNJ2@l-daemon> for freebsd-arch@freebsd.org; Thu, 24 May 2007 01:10:47 -0600 (MDT) Received: (qmail 4104 invoked from network); Thu, 24 May 2007 07:10:35 +0000 Received: from unknown (HELO hexahedron.daemonology.net) (127.0.0.1) by localhost with SMTP; Thu, 24 May 2007 07:10:35 +0000 Date: Thu, 24 May 2007 00:10:35 -0700 From: Colin Percival In-reply-to: <20070523.161038.-1989860747.imp@bsdimp.com> To: "M. Warner Losh" Message-id: <46553A6B.7070904@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Enigmail-Version: 0.95.0 References: <46546E16.9070707@freebsd.org> <7158.1179947572@critter.freebsd.dk> <20070523213251.GA14733@keltia.freenix.fr> <20070523.161038.-1989860747.imp@bsdimp.com> User-Agent: Thunderbird 2.0.0.0 (X11/20070511) Cc: freebsd-arch@freebsd.org Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2007 07:10:47 -0000 M. Warner Losh wrote: > I would argue that it would make the system LESS secure, because one > loses the ability to identify files on the system. People are going > to install it anyway, and it is a jump ball as to whether having it in > the base system would cause vulnerabilities to be updated faster than > having it in ports (both the actual update in the system, as well as > the user causing the update to happen: ports are a touch easier to > update, but lag a bit both in terms of people updating their ports > tree and ports committers updating the port). Interestingly, my experience from portsnap is that people tend to update ports more frequently than they apply security patches to the base system. > And for there to be any exploitable vulnerability, the attacker would > need to feed the victum a bogusly formatted file, and cause the victum > to run file on that file. I doubt that the latest security hole will > ever result in a system compromise... You're more optimistic than I am, then. This latest advisory was issued on the basis of "it's a heap overflow in rather messy code, so we really have no idea if it's exploitable". > I guess I fail to see how this is any different than the .gz bugs that > were found a while ago. Nobody suggested removing .gz from the tree > because a few bugs were found. Everybody suggested updating right > away to fix those bugs. File is no different, and really should > remain in the tree. Deflate is one file format which is used quite often. File parses several different formats, including several which are not tested often (i.e., have a much higher chance of including parse bugs). Colin Percival