Date: Sat, 2 Oct 2004 20:20:08 -0400 From: David Schultz <das@FreeBSD.ORG> To: Giorgos Keramidas <keramida@FreeBSD.ORG> Cc: Garance A Drosihn <drosih@rpi.edu> Subject: Re: Protection from the dreaded "rm -fr /" Message-ID: <20041003002007.GA3070@VARK.MIT.EDU> In-Reply-To: <20041002230226.GC1381@gothmog.gr> References: <BAY2-F27PUPeKljq65R00014185@hotmail.com> <20041002175704.GB2230@gothmog.gr> <p06110421bd84c87e063b@[128.113.24.47]> <20041002230226.GC1381@gothmog.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Oct 03, 2004, Giorgos Keramidas wrote: > On 2004-10-02 17:22, Garance A Drosihn <drosih@rpi.edu> wrote: > > At 8:57 PM +0300 10/2/04, Giorgos Keramidas wrote: > > >On 2004-10-02 21:23, Lee Harr <missive@hotmail.com> wrote: > > >> How about: > > >> chflags sunlnk / > > >> ? > > > > > >Setting sunlink on / will only protect the / directory, not its > > >descendants, so you don't gain much. > > > > We could add a new flag "srunlnk", or maybe even "srm-r". The "rm" > > command will always have to stat() the file it is given (just to > > see if it is a directory), so it could check to see if this flag > > is turned on. If it is turned on, then 'rm' could refuse to honor > > any '-rf' request on that directory. [...] > > Hmmm. This sounds much better indeed :-) Give a choice between an elegant 50-line solution involving kernel changes and a somewhat inelegant but complete 3-line solution, I have to say I'd opt for the 3-line solution...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041003002007.GA3070>