bin/166553: find -delete documentation is misleading
Matthew Story
matthewstory at gmail.com
Sun Apr 1 19:30:18 UTC 2012
The following reply was made to PR bin/166553; it has been noted by GNATS.
From: Matthew Story <matthewstory at gmail.com>
To: Richard Kettlewell <rjk at greenend.org.uk>
Cc: freebsd-gnats-submit at freebsd.org
Subject: Re: bin/166553: find -delete documentation is misleading
Date: Sun, 1 Apr 2012 15:25:00 -0400
On Sun, Apr 1, 2012 at 1:25 PM, Richard Kettlewell <rjk at greenend.org.uk> wr=
ote:
> On 01/04/2012 18:24, Matthew Story wrote:
>>
>> On Sun, Apr 1, 2012 at 5:24 AM, Richard Kettlewell<rjk at greenend.org.uk>
>> =A0wrote:
>>>
>>>
>>> The documentation for 'find -delete' includes the following remark:
>>>
>>> =A0 =A0It will not attempt to delete a filename with a =93/=94 characte=
r in its
>>> pathname relative to =93.=94 for security reasons.
>>>
>>> This reflects a defensive test early in f_delete. However, the test wil=
l
>>> not succeed, since find does not use FTS_NOCHDIR, so entry->fts_accpath
>>> should never contain "/".
>>
>>
>> $ # show test succeeds
>> $ mkdir -p foo/bar/baz
>> $ find ./foo -delete
>> find: -delete: ./foo: relative path potentially not safe
>>
>> The reason that fts_accpath contains a leading ``./'' in this case is
>> that fts, even without FTS_NOCHDIR, does not chdir into the parent
>> directory of depth 0 directories on the first pass, fts_accpath will
>> always equal fts_pathname on depth 0 FTSENTs.
>
>
> Light dawns l-)
>
> Still, the wording could be improved: it doesn't really describe well whe=
n
> -delete will succeed and when it won't.
Yes, the wording is confusing, and it's not actually a correct
assessment of what the code is doing ... it also doesn't note that
this condition is fatal:
$ # show that an absolute path also triggers the condition
$ ./find /usr/home/user1/foo -depth 0 -delete
find: -delete: /usr/home/user1/foo: relative path potentially not safe
$ echo $?
1
The code here is actually just fatalling out if FTSENT->fts_accpath
contains a ``/'', wether or not it is preceded by a ``.'' There is an
additional misleading comment in the code to the same end as the
manage.
/* Potentially unsafe - do not accept relative paths whatsoever */
>
> ttfn/rjk
--=20
regards,
matt
More information about the freebsd-bugs
mailing list