RFC: Removing file(1)+libmagic(3) from the base system
Colin Percival
cperciva at freebsd.org
Thu May 24 00:47:17 UTC 2007
Poul-Henning Kamp wrote:
> In message <46546E16.9070707 at freebsd.org>, Colin Percival writes:
>> I'd like to remove file(1) and libmagic(3) from the FreeBSD base system
>> for the following reasons:
>
> One mitigating option would be to open the magic file and input
> and sequester the file process in a jail.
Last time I checked, unprivileged processes couldn't jail themselves. We
could make file(1) setuid root and use a privilege separation approach,
but I'm not convinced that would be a net win.
Colin Percival
More information about the freebsd-arch
mailing list