Protection from the dreaded "rm -fr /"
Garance A Drosihn
drosih at rpi.edu
Sat Oct 2 14:22:55 PDT 2004
At 8:57 PM +0300 10/2/04, Giorgos Keramidas wrote:
>On 2004-10-02 21:23, Lee Harr <missive at hotmail.com> wrote:
> > > John Beck, who works for Sun, has posted an entry in his blog
> > > yesterday about "rm -fr /" protection, which I liked a lot:
> > >
> > > http://blogs.sun.com/roller/page/jbeck/20041001#rm_rf_protection
>> >
> > > His idea was remarkably simple, so I went ahead and wrote this
> > > patch for rm(1) of FreeBSD:
> >
>> How about:
>>
>> chflags sunlnk /
>> ?
>
>Setting sunlink on / will only protect the / directory, not its
>descendants, so you don't gain much.
We could add a new flag "srunlnk", or maybe even "srm-r". The "rm"
command will always have to stat() the file it is given (just to
see if it is a directory), so it could check to see if this flag
is turned on. If it is turned on, then 'rm' could refuse to honor
any '-rf' request on that directory.
I like the idea of *some* kind of protection for "rm -rf /", but I
think it would be better as something more generally useful than
protecting against that one single case. While I have typed in a
few dozen disastrous "rm -rf" commands, I have never actually typed
in "rm -rf /", so this particular seat belt would never have done me
any good. By tieing the feature to a settable flag, then I would
have the option to protect to other directories (if I wanted to add
such protection).
--
Garance Alistair Drosehn = gad at gilead.netel.rpi.edu
Senior Systems Programmer or gad at freebsd.org
Rensselaer Polytechnic Institute or drosih at rpi.edu
More information about the freebsd-hackers
mailing list