[patch] rm can have undesired side-effects

LI Xin delphij at delphij.net
Mon Oct 30 12:51:57 UTC 2006


Peter Jeremy wrote:
> On Mon, 2006-Oct-30 19:38:49 +1100, Peter Jeremy wrote:
>> the user is unaware that there are multiple links.  I don't think
>> that just unlinking the file and issuing a warning is a good solution
>> because it's then virtually impossible to locate the other copy(s)
>> of the file, which remains viewable.
> 
> I missed the fact that the warning message includes the inode number.
> My apologies.  This reduces "virtually impossible" to "hard".
> 
> I still think this current behaviour is undesirable and a security
> hole.  Maybe someone from the SO team would like to offer their
> opinion - I might just have my tinfoil hat on too tight tonight.

I think the concern of the removal is perfectly valid.  It's possible
that someone runs:

find secret/ -type f -exec rm {} +

and there are zillions of files in secret/, causing the warning to be
scrolled over.  Also, it's possible that there are places that the user
cannot enter.  Therefore, I agree that my checkin has introduced a
security hole and we should fix it.  I have posted a possible patch here
and to cvs-all@ for review.

Cheers,
-- 
Xin LI <delphij at delphij.net>	http://www.delphij.net/
FreeBSD - The Power to Serve!
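
The scenario in this message (warnings scrolling past during a bulk rm, with the inode number as the only pointer to the remaining links) can be checked before removal. The following is an added example, not part of the original message or of the posted patch; the function names and the directory arguments are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original thread. Function names are hypothetical.

# multilinked DIR
# Print "inode path" for each regular file under DIR whose link count is
# greater than one, i.e. files whose data stays reachable after rm.
multilinked() {
    find "$1" -xdev -type f -links +1 -exec ls -di {} +
}

# outside_links DIR ROOT
# For every multi-linked file under DIR, print the paths under ROOT that
# share its inode but live outside DIR.
# Assumptions: ROOT is on the same filesystem as DIR (inode numbers are only
# unique per filesystem, and -xdev keeps find on ROOT's filesystem), and DIR
# is written the way it appears under ROOT (for example, both absolute).
outside_links() {
    dir=${1%/}
    root=$2
    multilinked "$dir" | awk '{ print $1 }' | sort -un |
    while read -r ino; do
        find "$root" -xdev -inum "$ino" ! -path "$dir/*"
    done
}
```

find reports directories it cannot enter on stderr, so any such error means the list of outside links is incomplete, which is the case the message raises about places the user cannot enter.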
