From owner-freebsd-arch@FreeBSD.ORG Thu May 24 07:19:07 2007 Return-Path: X-Original-To: freebsd-arch@freebsd.org Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C4A8516A421; Thu, 24 May 2007 07:19:07 +0000 (UTC) (envelope-from kris@obsecurity.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.freebsd.org (Postfix) with ESMTP id B164213C44C; Thu, 24 May 2007 07:19:07 +0000 (UTC) (envelope-from kris@obsecurity.org) Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196]) by elvis.mu.org (Postfix) with ESMTP id 3BBD51A4D80; Thu, 24 May 2007 00:20:09 -0700 (PDT) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id E5735513FC; Thu, 24 May 2007 03:19:06 -0400 (EDT) Date: Thu, 24 May 2007 03:19:06 -0400 From: Kris Kennaway To: Colin Percival Message-ID: <20070524071906.GB80416@xor.obsecurity.org> References: <46546E16.9070707@freebsd.org> <7158.1179947572@critter.freebsd.dk> <20070523213251.GA14733@keltia.freenix.fr> <20070523.161038.-1989860747.imp@bsdimp.com> <46553A6B.7070904@freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <46553A6B.7070904@freebsd.org> User-Agent: Mutt/1.4.2.2i Cc: freebsd-arch@freebsd.org Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2007 07:19:07 -0000 On Thu, May 24, 2007 at 12:10:35AM -0700, Colin Percival wrote: > M. Warner Losh wrote: > > I would argue that it would make the system LESS secure, because one > > loses the ability to identify files on the system. People are going > > to install it anyway, and it is a jump ball as to whether having it in > > the base system would cause vulnerabilities to be updated faster than > > having it in ports (both the actual update in the system, as well as > > the user causing the update to happen: ports are a touch easier to > > update, but lag a bit both in terms of people updating their ports > > tree and ports committers updating the port). > > Interestingly, my experience from portsnap is that people tend to update > ports more frequently than they apply security patches to the base system. ...with freebsd update. Important qualification. > > And for there to be any exploitable vulnerability, the attacker would > > need to feed the victum a bogusly formatted file, and cause the victum > > to run file on that file. I doubt that the latest security hole will > > ever result in a system compromise... > > You're more optimistic than I am, then. This latest advisory was issued > on the basis of "it's a heap overflow in rather messy code, so we really > have no idea if it's exploitable". The only way I can think of is if there is a MIME email scanner out there that uses file(1) to identify attachment types. Kris