Date:      Wed, 23 May 2007 17:55:35 -0700
From:      Julian Elischer <julian@elischer.org>
To:        Colin Percival <cperciva@freebsd.org>
Cc:        Poul-Henning Kamp <phk@phk.freebsd.dk>, "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
Subject:   Re: RFC: Removing file(1)+libmagic(3) from the base system
Message-ID:  <4654E287.3040206@elischer.org>
In-Reply-To: <4654E083.10807@freebsd.org>
References:  <7158.1179947572@critter.freebsd.dk> <4654E083.10807@freebsd.org>

Colin Percival wrote:
> Poul-Henning Kamp wrote:
>> In message <46546E16.9070707@freebsd.org>, Colin Percival writes:
>>> I'd like to remove file(1) and libmagic(3) from the FreeBSD base system
>>> for the following reasons:
>> One mitigating option would be to open the magic file and input
>> and sequester the file process in a jail.
> 
> Last time I checked, unprivileged processes couldn't jail themselves.  We
> could make file(1) setuid root and use a privilege separation approach,
> but I'm not convinced that would be a net win.

How about a bit in the headers of a program that is set by the Makefile?
If the bit is not set then the ELF program executor sets a bit that
forbids exec from ever running.

How many programs actually need to be able to run exec?
The average exploit does an exec(/bin/sh).


> 
> Colin Percival