From owner-freebsd-arch@FreeBSD.ORG Thu May 24 08:05:11 2007 Return-Path: X-Original-To: freebsd-arch@freebsd.org Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7142D16A468 for ; Thu, 24 May 2007 08:05:11 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from redbull.bpaserver.net (redbullneu.bpaserver.net [213.198.78.217]) by mx1.freebsd.org (Postfix) with ESMTP id 26F6513C484 for ; Thu, 24 May 2007 08:05:10 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from outgoing.leidinger.net (unknown [84.165.196.247]) by redbull.bpaserver.net (Postfix) with ESMTP id 44E042E13F; Thu, 24 May 2007 09:44:37 +0200 (CEST) Received: from webmail.leidinger.net (webmail.Leidinger.net [192.168.1.102]) by outgoing.leidinger.net (Postfix) with ESMTP id DE6B05B545F; Thu, 24 May 2007 09:44:20 +0200 (CEST) Received: (from www@localhost) by webmail.leidinger.net (8.13.8/8.13.8/Submit) id l4O7iKAd057175; Thu, 24 May 2007 09:44:20 +0200 (CEST) (envelope-from Alexander@Leidinger.net) Received: from pslux.cec.eu.int (pslux.cec.eu.int [158.169.9.14]) by webmail.leidinger.net (Horde MIME library) with HTTP; Thu, 24 May 2007 09:44:20 +0200 Message-ID: <20070524094420.de73ozujr4sccc0o@webmail.leidinger.net> X-Priority: 3 (Normal) Date: Thu, 24 May 2007 09:44:20 +0200 From: Alexander Leidinger To: Colin Percival References: <46546E16.9070707@freebsd.org> <7158.1179947572@critter.freebsd.dk> <20070523213251.GA14733@keltia.freenix.fr> <20070523.161038.-1989860747.imp@bsdimp.com> <46553A6B.7070904@freebsd.org> In-Reply-To: <46553A6B.7070904@freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Internet Messaging Program (IMP) H3 (4.1.4) / FreeBSD-7.0 X-BPAnet-MailScanner-Information: Please contact the ISP for more information X-BPAnet-MailScanner: Found to be clean X-BPAnet-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-14.364, required 8, BAYES_00 -15.00, DK_POLICY_SIGNSOME 0.00, FORGED_RCVD_HELO 0.14, NO_RDNS 0.50) X-BPAnet-MailScanner-From: alexander@leidinger.net X-Spam-Status: No Cc: freebsd-arch@freebsd.org Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2007 08:05:11 -0000 Quoting Colin Percival (from Thu, 24 May 2007 =20 00:10:35 -0700): > M. Warner Losh wrote: >> I would argue that it would make the system LESS secure, because one >> loses the ability to identify files on the system. People are going >> to install it anyway, and it is a jump ball as to whether having it in >> the base system would cause vulnerabilities to be updated faster than >> having it in ports (both the actual update in the system, as well as >> the user causing the update to happen: ports are a touch easier to >> update, but lag a bit both in terms of people updating their ports >> tree and ports committers updating the port). > > Interestingly, my experience from portsnap is that people tend to update > ports more frequently than they apply security patches to the base system. You can say people tend to update the ports collection, you don't know =20 about the ports (as in "installed ports"). I have several systems =20 (behind a proxy) which update the ports collection every day. But the =20 ports there are not updated that often. I also know about several =20 systems where the ports collection is updated every day, but the =20 installed ports are only touched if a client ask about a new software =20 or an update, which is maybe once a year. I also like to keep file in the base. It's too damn useful there. Bye, Alexander. --=20 He who hesitates is last. http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID =3D B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID =3D 72077137