From owner-freebsd-arch@FreeBSD.ORG  Thu May 24 14:59:23 2007
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
X-Original-To: freebsd-arch@freebsd.org
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id D417816A400;
	Thu, 24 May 2007 14:59:23 +0000 (UTC)
	(envelope-from ache@nagual.pp.ru)
Received: from nagual.pp.ru (nagual.pp.ru [194.87.13.69])
	by mx1.freebsd.org (Postfix) with ESMTP id 4C79A13C489;
	Thu, 24 May 2007 14:59:22 +0000 (UTC)
	(envelope-from ache@nagual.pp.ru)
Received: from nagual.pp.ru (ache@localhost [127.0.0.1])
	by nagual.pp.ru (8.14.1/8.14.1) with ESMTP id l4OExLwr031747;
	Thu, 24 May 2007 18:59:21 +0400 (MSD)
	(envelope-from ache@nagual.pp.ru)
Received: (from ache@localhost)
	by nagual.pp.ru (8.14.1/8.14.1/Submit) id l4OExLDD031746;
	Thu, 24 May 2007 18:59:21 +0400 (MSD) (envelope-from ache)
Date: Thu, 24 May 2007 18:59:20 +0400
From: Andrey Chernov <ache@freebsd.org>
To: Daniel Eischen <deischen@freebsd.org>
Message-ID: <20070524145920.GB31367@nagual.pp.ru>
Mail-Followup-To: Andrey Chernov <ache@freebsd.org>,
	Daniel Eischen <deischen@freebsd.org>,
	Colin Percival <cperciva@freebsd.org>,
	"freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
References: <46546E16.9070707@freebsd.org>
	<Pine.GSO.4.64.0705231346400.9867@sea.ntplx.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.GSO.4.64.0705231346400.9867@sea.ntplx.net>
User-Agent: Mutt/1.5.15 (2007-04-06)
Cc: Colin Percival <cperciva@freebsd.org>,
	"freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 May 2007 14:59:23 -0000

On Wed, May 23, 2007 at 01:49:13PM -0400, Daniel Eischen wrote:
>  On Wed, 23 May 2007, Colin Percival wrote:
> 
> > FreeBSD architects and file(1) maintainer,
> >
> > I'd like to remove file(1) and libmagic(3) from the FreeBSD base system
> > for the following reasons:
> > 1. I don't see it as being a necessary component of a UNIX-like operating
> > system.
> > 2. It's available in the ports tree.
> > 3. Due to its nature as a program which parses multiple data formats, it
> > poses an unusually high risk of having security problems in the future
> > (cf. ethereal/wireshark).
> >
> > The one redeeming feature of file/libmagic as far as security is concerned
> > is that it doesn't act as a daemon, i.e., other code or user intervention
> > is required for an attacker to exploit security issues.  This is why I'm
> > asking here rather than wielding the "Security Officer can veto code which
> > he doesn't like" stick. :-)
> >
> > Can anyone make a strong argument for keeping this code in the base system?
> 
>  Yes, because other OS's have it (file) in their base, and because
>  it is a POSIX-defined utility.  Please consider this a strong no.

I agree with Daniel. Better way is to add a big warning to file(1) manpage 
about running it against untrusted sources.

-- 
http://ache.pp.ru/