From owner-freebsd-security@FreeBSD.ORG Thu May 24 14:37:13 2007 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8D69A16A41F for ; Thu, 24 May 2007 14:37:13 +0000 (UTC) (envelope-from tevans.uk@googlemail.com) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.236]) by mx1.freebsd.org (Postfix) with ESMTP id 33DB513C45E for ; Thu, 24 May 2007 14:37:13 +0000 (UTC) (envelope-from tevans.uk@googlemail.com) Received: by wr-out-0506.google.com with SMTP id 70so132625wra for ; Thu, 24 May 2007 07:37:12 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=googlemail.com; s=beta; h=domainkey-signature:received:received:subject:from:to:in-reply-to:references:content-type:date:message-id:mime-version:x-mailer; b=GTNYWhGAtjRfIEi1HL7rLqmd5/X1l3hu6gYdQQPLFzJTDvn7EfuFbW8vyrgXp0Fby6FiuN2rs/SEp1MqlaTSnNDdriGobCM1AAbZvLlksfbIQohtKQmOBLidR4hOqXVr92qcs8gDJ134/vdsNNbZdfJ2HHxiyJcHCKP3Xh4EukU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=beta; h=received:subject:from:to:in-reply-to:references:content-type:date:message-id:mime-version:x-mailer; b=tlY0GsvWnijwGKtG+HitzYgXLHtw1JdgYgsOfkl5YvftzrbVT9BMTQLVaq6dt4AmBmQNpUAU/Va6zaQ6xvdpNDmYZudRZewZ55Z6xArGBekUN3IRYAzwNAz6wfoK7s/aF64X5BRsjogQy1V02K/AWZBN5R1VwU2a8CO7sqRu2D0= Received: by 10.90.118.8 with SMTP id q8mr1822053agc.1180015794256; Thu, 24 May 2007 07:09:54 -0700 (PDT) Received: from ?IPv6:::ffff:127.0.0.1? ( [217.206.187.79]) by mx.google.com with ESMTP id 31sm118790nfu.2007.05.24.07.09.51; Thu, 24 May 2007 07:09:53 -0700 (PDT) From: Tom Evans To: des@des.no, freebsd-security@freebsd.org In-Reply-To: <46559AAC.5030800@tomjudge.com> References: <46559AAC.5030800@tomjudge.com> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-T3fbTvum5BbzR916WGFq" Date: Thu, 24 May 2007 15:09:47 +0100 Message-Id: <1180015787.9846.22.camel@zoot.mintel.co.uk> Mime-Version: 1.0 X-Mailer: Evolution 2.10.0 FreeBSD GNOME Team Port Cc: Subject: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-07:04.file X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2007 14:37:13 -0000 --=-T3fbTvum5BbzR916WGFq Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable > Subject: Re: [FreeBSD-Announce] FreeBSD Security Advisory=20 > FreeBSD-SA-07:04.file > Date: Thu, 24 May 2007 15:37:36 +0200 > From: Dag-Erling Sm=C3=B8rgrav > To: Brian A. Seklecki > CC: FreeBSD Security Advisories ,=20 > freebsd-security@freebsd.org > References: <200705231619.l4NGJtHB017927@freefall.freebsd.org>=20 > <1179937542.1121.4.camel@soundwave.pgh.priv.collaborativefusion.com> >=20 > "Brian A. Seklecki" writes: > > I'll have to check, but I doubt anything other than file(1) on > > production systems is linked against libmagic. This is safe to do in > > real-time afaik. ~BAS >=20 > AFAIK, Apache's mod_mime_magic either links against libmagic or against > its own copy of the same code. >=20 > DES I've had an initial look over mod_mime_magic.c in Apache 1.3.37 and 2.2.4 . Both are essentially the same module, just adjusted for the different APIs in 2.x. The module does not use libmagic directly, nor does it appear to include large portions of similar code. The history of the module indicates that it was derived from Ian Darwin's magic(1) posted to comp.source.unix in ~1987, which is where FreeBSD's magic(1) originated. However FreeBSD's magic notes that it was extensively rewritten since then, and I cannot personally identify similar parts of the code between file/magic.c and mod_mime_magic.c - but I am not a security expert. If someone more qualified than me has some time to look at whether mod_mime_magic is affected, I'd appreciate it greatly. Regards Tom --=-T3fbTvum5BbzR916WGFq Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQBGVZymlcRvFfyds/cRAuQSAKCi3h59aqco6jTdwKgWZzX5fv9xrgCgo2aG kgrw8xqQPzuhASjlQ9zulac= =lYgN -----END PGP SIGNATURE----- --=-T3fbTvum5BbzR916WGFq--