Re: RFC: Removing file(1)+libmagic(3) from the base system
- From: Peter Jeremy <peterjeremy@xxxxxxxxxxxxxxxx>
- Date: Thu, 24 May 2007 22:31:48 +1000
On 2007-May-23 17:23:25 -0400, David Schultz <das@xxxxxxxxxxx> wrote:
> On Wed, May 23, 2007, Colin Percival wrote:
>> Can anyone make a strong argument for keeping this code in the base system?
> Removing it from the base system would merely amount to a
> marketing ploy, wherein we get to say that FreeBSD has fewer
> security holes because file(1) is a "third-party package". Doing
> so wouldn't make FreeBSD installations any more secure in
> practice.
My thoughts as well.
The way I see it, file(1) is an interpreter for the language defined
in magic(5). For most purposes (particularly when processing untrusted
input), the "program" that file(1) will execute is /usr/share/misc/magic.
Viewed this way, I do not see it as any different to awk or sed.
From a security aspect, file(1) can extract C-style strings and
offsets from the untrusted input - and these obviously need careful
sanity checks in addition to the normal error checking.
Rather than treating ports as a ghetto for potentially unsafe
utilities, I believe the Project would be better off making those
utilities more robust. Has the OpenBSD project got an 'audited'
file(1)? If so, can we import it or the fixes?
--
Peter Jeremy
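An added illustration, not part of the original message and not code from file(1) or libmagic: the kind of sanity check the message asks for when a magic(5)-style indirect offset and a C-style string are taken from untrusted input. All function names are hypothetical and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Read a little-endian 32-bit value at `off`; fails if it does not fit.
 * Written as a subtraction so that off + 4 can never wrap around. */
static int read_le32(const uint8_t *buf, size_t len, size_t off, uint32_t *out)
{
    if (len < 4 || off > len - 4)
        return -1;
    *out = (uint32_t)buf[off] | (uint32_t)buf[off + 1] << 8 |
           (uint32_t)buf[off + 2] << 16 | (uint32_t)buf[off + 3] << 24;
    return 0;
}

/* Length of the C-style string at `off`, or -1 if no NUL terminator
 * exists inside the buffer. Never scans past buf + len. */
static long bounded_cstrlen(const uint8_t *buf, size_t len, size_t off)
{
    const uint8_t *nul;
    if (off >= len)
        return -1;
    nul = memchr(buf + off, 0, len - off);
    return nul ? (long)(nul - (buf + off)) : -1;
}

/* Indirect test: the input itself supplies a pointer at `ptr_off`; compare
 * the bytes it points to with `pat`. 1 = match, 0 = no match, -1 = rejected. */
static int indirect_match(const uint8_t *buf, size_t len, size_t ptr_off,
                          const void *pat, size_t patlen)
{
    uint32_t target;
    if (read_le32(buf, len, ptr_off, &target) != 0)
        return -1;
    if (patlen > len || (size_t)target > len - patlen)
        return -1;  /* attacker-chosen offset points outside the input */
    return memcmp(buf + target, pat, patlen) == 0;
}

int main(void)
{
    /* Constructed sample: the pointer 0xfffffff0 at offset 0 aims far past the end. */
    static const uint8_t hostile[8] = {0xf0, 0xff, 0xff, 0xff, 'P', 'E', 0, 0};
    return indirect_match(hostile, sizeof hostile, 0, "PE\0\0", 4) == -1 ? 0 : 1;
}
```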