> At the moment ifconfig(8) sets address of `inet` family if no > address family specified and some unrecognized parameter given. > This has security and UX implications:
Security? Oh really? It seems these days nearly everything gets labelled as security, trying to get us to rise up. > Because inet addresses mix with other ifconfig(8) parameters, > a misspelled parameter will be assumed to be an inet address. So don't do that. Be exact and correct, and don't make such errors. But notice such misuse circumstance tends towards fail-closed, which means no address is configured. > Since it is possible to set an inet address from a hostname, > gethostbyname(3) will eventually look up this parameter as > an address via DNS. One may run something like > `ifconfig iwm0 wpakeysecretpassword` and `wpakeysecretpassword` > will be sent over the wire. So don't do that. Learn to type. The real problem here is that passwords should never be on the commandline, but instead should always be fetched from files. Unfortunately noone has worked on that problem. And your diff doesn't solve that problem. In the meantime, learn to type correctly and follow the commandline specification in the manual page. As a headsup, I would also recommend caution around the rm(1) command in particular, though this plague affects many others. > If a user misspelled a parameter they have to wait for undefined > amount of time for DNS lookup to finish (DNS server may not be > available). > > This patch is to make address family a required parameter when > setting an address. But it breaks established use in a very major way, including scripts and the finger memory of thousands of people. No thanks. Your proposal doesn't make the world better. By the way, your diff missed deleting a line "recommended" in the manual page. See what I mean about typing and re-consideration being the actual problem?
