Re: RFC: Removing file(1)+libmagic(3) from the base system

On Wed, May 23, 2007 at 09:38:46AM -0700, Colin Percival wrote:
FreeBSD architects and file(1) maintainer,

I'd like to remove file(1) and libmagic(3) from the FreeBSD base system
for the following reasons:
1. I don't see it as being a necessary component of a UNIX-like operating
system.

All I can say is "Wow - mind blowing".

I do find it one of the essential components of a Unix system.

2. It's available in the ports tree.

So are many of things in /usr/bin

3. Due to its nature as a program which parses multiple data formats, it
poses an unusually high risk of having security problems in the future
(cf. ethereal/wireshark).

I think that is a stretch - so many utilities in the base system
parse its input (just another word for processing input)

The one redeeming feature of file/libmagic as far as security is concerned
is that it doesn't act as a daemon, i.e., other code or user intervention
is required for an attacker to exploit security issues.

And I think that is sufficient to make this idea a little over the top.

thanks,
--
-- David (obrien@xxxxxxxxxxx)
Q: Because it reverses the logical flow of conversation.
A: Why is top-posting (putting a reply at the top of the message) frowned upon?
Let's not play "Jeopardy-style quoting"
_______________________________________________
freebsd-arch@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "freebsd-arch-unsubscribe@xxxxxxxxxxx"