[patch] rm can have undesired side-effects

[Tim Clewlow]

--- Bakul Shah <bakul at bitblocks.com> wrote:

> Sorry if I tuned in late:-)
> 
> I vote for taking *out* -P.  It is an ill-designed
> feature.
> Or if you keep it, also add it to mv, cp -f & ln -f
> since
> these commands can also unlink a file and once
> unlinked in
> this matter you can't scrub it.  And also fix up the
> behavior
> for -P when multiple links.  And since mv can use
> rename(2),
> you will have to also dirty up the kernel interface
> somehow.
> Not to mention even editing such a sensitive file
> can leave
> stuff all over the disk that a bad guy can get at. 
> If you
> are truely paranoid (as opposed to paranoid only
> when on
> meds) you know how bad that is!
> 
> If you are that concious about scrubbing why not add
> scrubbing as a mount option (suggested option: -o
> paranoid)
> then at least it will be handled consistently.
> 
> What's the world come to when even the paranoid are
> such
> amateurs.
> 
> -- bakul
> 

Based on all the potential situations where a -P
option may possibly be implemented, is it worthwhile
considering creating a command that just scrubs a
file, and does nothing else. This would seem to fit
the Unix paradigm of single command to do a single
thing, and may be preferable to attempting to embed
this function in every command that may "possibly"
remove a file.

Just my 2c

Tim


 
____________________________________________________________________________________
Low, Low, Low Rates! Check out Yahoo! Messenger's cheap PC-to-Phone call rates 
(http://voice.yahoo.com)