From owner-freebsd-hackers@FreeBSD.ORG Sun Oct 3 01:53:35 2004
Date: Sun, 3 Oct 2004 04:53:21 +0300
From: Giorgos Keramidas
To: "M. Warner Losh"
cc: freebsd-hackers@freebsd.org
Subject: Re: Protection from the dreaded "rm -fr /"
Message-ID: <20041003015321.GA3190@gothmog.gr>
In-Reply-To: <20041002.192951.35870461.imp@bsdimp.com>
References: <20041002175517.GA2230@gothmog.gr> <20041002204851.K24332@fw.reifenberger.com> <20041002210554.GS35869@seekingfire.com> <20041002.192951.35870461.imp@bsdimp.com>
List-Id: Technical Discussions relating to FreeBSD

On 2004-10-02 19:29, "M. Warner Losh" wrote:
> In message: <20041002210554.GS35869@seekingfire.com>
> Tillman Hodgson writes:
> : It'll never work, though, that's the thing. At some point it'll rm
> : something it itself needs and error out. There isn't a way to use `rm
> : -rf /` that /doesn't/ result in foot-shooting.
>
> No. You are wrong. If you rm -rf in a chroot, then it won't result
> in foot shooting, necessarily, like it would outside a chroot.

Since a chroot can always be rm -fr deleted from outside the chroot,
this isn't really a great problem, is it?