Date: Thu, 24 May 2007 18:59:20 +0400 From: Andrey Chernov <ache@freebsd.org> To: Daniel Eischen <deischen@freebsd.org> Cc: Colin Percival <cperciva@freebsd.org>, "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org> Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system Message-ID: <20070524145920.GB31367@nagual.pp.ru> In-Reply-To: <Pine.GSO.4.64.0705231346400.9867@sea.ntplx.net> References: <46546E16.9070707@freebsd.org> <Pine.GSO.4.64.0705231346400.9867@sea.ntplx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 23, 2007 at 01:49:13PM -0400, Daniel Eischen wrote: > On Wed, 23 May 2007, Colin Percival wrote: > > > FreeBSD architects and file(1) maintainer, > > > > I'd like to remove file(1) and libmagic(3) from the FreeBSD base system > > for the following reasons: > > 1. I don't see it as being a necessary component of a UNIX-like operating > > system. > > 2. It's available in the ports tree. > > 3. Due to its nature as a program which parses multiple data formats, it > > poses an unusually high risk of having security problems in the future > > (cf. ethereal/wireshark). > > > > The one redeeming feature of file/libmagic as far as security is concerned > > is that it doesn't act as a daemon, i.e., other code or user intervention > > is required for an attacker to exploit security issues. This is why I'm > > asking here rather than wielding the "Security Officer can veto code which > > he doesn't like" stick. :-) > > > > Can anyone make a strong argument for keeping this code in the base system? > > Yes, because other OS's have it (file) in their base, and because > it is a POSIX-defined utility. Please consider this a strong no. I agree with Daniel. Better way is to add a big warning to file(1) manpage about running it against untrusted sources. -- http://ache.pp.ru/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070524145920.GB31367>