Date: Fri, 2 Aug 2013 14:14:23 +0000 (UTC) From: Jilles Tjoelker <jilles@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r253886 - in head: . usr.bin/find Message-ID: <201308021414.r72EENmb051361@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jilles Date: Fri Aug 2 14:14:23 2013 New Revision: 253886 URL: http://svnweb.freebsd.org/changeset/base/253886 Log: find: Allow -delete to delete files given as arguments. Formerly, a command like find dir1/dir2 -delete would delete everything under dir1/dir2 but not dir1/dir2 itself. When -L is not specified and "." can be opened, the fts(3) code underlying find(1) is careful to avoid following symlinks or being dropped in different locations by moving the directory fts is currently traversing. If a problematic concurrent modification is detected, fts will not enter the directory or abort. Files found in the search are returned via the current working directory and a pathname not containing a slash. For paranoia, find(1) verifies this when -delete is used. However, it is too paranoid about the root of the traversal. It is already assumed that the initial pathname does not refer to directories or symlinks that might be replaced by untrusted users; otherwise, the whole traversal would be unsafe. Therefore, it is not necessary to do the check for fts_level == FTS_ROOTLEVEL. Deleting the pathnames given as arguments can be prevented without error messages using -mindepth 1 or by changing directory and passing "." as argument to find. This works in the old as well as the new version of find. Tested by: Kurt Lidl Reviewed by: jhb Modified: head/UPDATING head/usr.bin/find/function.c Modified: head/UPDATING ============================================================================== --- head/UPDATING Fri Aug 2 13:06:49 2013 (r253885) +++ head/UPDATING Fri Aug 2 14:14:23 2013 (r253886) @@ -31,6 +31,19 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 10 disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20130802: + find -delete can now delete the pathnames given as arguments, + instead of only files found below them or if the pathname did + not contain any slashes. Formerly, the following error message + would result: + + find: -delete: <path>: relative path potentially not safe + + Deleting the pathnames given as arguments can be prevented + without error messages using -mindepth 1 or by changing + directory and passing "." as argument to find. This works in the + old as well as the new version of find. + 20130726: Behavior of devfs rules path matching has been changed. Pattern is now always matched against fully qualified devfs Modified: head/usr.bin/find/function.c ============================================================================== --- head/usr.bin/find/function.c Fri Aug 2 13:06:49 2013 (r253885) +++ head/usr.bin/find/function.c Fri Aug 2 14:14:23 2013 (r253886) @@ -442,7 +442,8 @@ f_delete(PLAN *plan __unused, FTSENT *en errx(1, "-delete: forbidden when symlinks are followed"); /* Potentially unsafe - do not accept relative paths whatsoever */ - if (strchr(entry->fts_accpath, '/') != NULL) + if (entry->fts_level > FTS_ROOTLEVEL && + strchr(entry->fts_accpath, '/') != NULL) errx(1, "-delete: %s: relative path potentially not safe", entry->fts_accpath);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201308021414.r72EENmb051361>