RFC: Removing file(1)+libmagic(3) from the base system
Andrey Chernov
ache at freebsd.org
Thu May 24 14:59:23 UTC 2007
On Wed, May 23, 2007 at 01:49:13PM -0400, Daniel Eischen wrote:
> On Wed, 23 May 2007, Colin Percival wrote:
>
> > FreeBSD architects and file(1) maintainer,
> >
> > I'd like to remove file(1) and libmagic(3) from the FreeBSD base system
> > for the following reasons:
> > 1. I don't see it as being a necessary component of a UNIX-like operating
> > system.
> > 2. It's available in the ports tree.
> > 3. Due to its nature as a program which parses multiple data formats, it
> > poses an unusually high risk of having security problems in the future
> > (cf. ethereal/wireshark).
> >
> > The one redeeming feature of file/libmagic as far as security is concerned
> > is that it doesn't act as a daemon, i.e., other code or user intervention
> > is required for an attacker to exploit security issues. This is why I'm
> > asking here rather than wielding the "Security Officer can veto code which
> > he doesn't like" stick. :-)
> >
> > Can anyone make a strong argument for keeping this code in the base system?
>
> Yes, because other OS's have it (file) in their base, and because
> it is a POSIX-defined utility. Please consider this a strong no.
I agree with Daniel. Better way is to add a big warning to file(1) manpage
about running it against untrusted sources.
--
http://ache.pp.ru/
More information about the freebsd-arch
mailing list