[patch] rm can have undesired side-effects
fetrovsky at yahoo.com
Tue Oct 31 16:16:42 UTC 2006
Actually, I would like to support this motion... Thinking over the possible behaviours of -P is to sit in a room saying "to delete or not to delete..." If you think it over from a higher perspective, "The UNIX Way" (TM) is to have individual commands for specific tasks and to extract tasks from commands that have gotten too complex... and I think this is the case of rm... a "shred" command should be added that has the following behaviour:
if the file is not writable, return with error.
if the file has multiple links, and option -f was not specified, return with error.
overwrite the file.
optionally, unlink the file.
Additionally, -P should either be rm'ed from rm, or added as a backwards compatibility hack that calls "shred" and returns with error every time the latter does.
These are my 1.99 cents.
----- Original Message ----
From: Tim Clewlow <tim1timau at yahoo.com>
To: Bakul Shah <bakul at bitblocks.com>; Doug Barton <dougb at FreeBSD.org>
Cc: delphij at FreeBSD.org; perryh at pluto.rain.com; freebsd-hackers at freebsd.org
Sent: Monday, October 30, 2006 12:20:33 PM
Subject: Re: [patch] rm can have undesired side-effects
--- Bakul Shah <bakul at bitblocks.com> wrote:
> Sorry if I tuned in late:-)
> I vote for taking *out* -P. It is an ill-designed
> Or if you keep it, also add it to mv, cp -f & ln -f
> these commands can also unlink a file and once
> unlinked in
> this matter you can't scrub it. And also fix up the
> for -P when multiple links. And since mv can use
> you will have to also dirty up the kernel interface
> Not to mention even editing such a sensitive file
> can leave
> stuff all over the disk that a bad guy can get at.
> If you
> are truely paranoid (as opposed to paranoid only
> when on
> meds) you know how bad that is!
> If you are that concious about scrubbing why not add
> scrubbing as a mount option (suggested option: -o
> then at least it will be handled consistently.
> What's the world come to when even the paranoid are
> -- bakul
Based on all the potential situations where a -P
option may possibly be implemented, is it worthwhile
considering creating a command that just scrubs a
file, and does nothing else. This would seem to fit
the Unix paradigm of single command to do a single
thing, and may be preferable to attempting to embed
this function in every command that may "possibly"
remove a file.
Just my 2c
Low, Low, Low Rates! Check out Yahoo! Messenger's cheap PC-to-Phone call rates
freebsd-hackers at freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
More information about the freebsd-hackers