From: Greg Black
To: Giorgos Keramidas
cc: Ryan Sommers
cc: freebsd-hackers@freebsd.org
cc: Max Laier
Date: Sat, 2 Oct 2004 20:57:15 +1000
Subject: Re: Protection from the dreaded "rm -fr /"
List-Id: Technical Discussions relating to FreeBSD

On 2004-10-02, Giorgos Keramidas wrote:

> I liked what Max Laier proposed though, about making this tunable and
> defaulting to off. See below for the behavior of what I've come up with:
>
> On 2004-10-02 11:23, Max Laier wrote:
> > [ Sorry to be so negative ... ]
> >
> > At very least you should consider to error out silently as POSIX
> > requires "-f" to be silent. Other than that you should really look
> > into the standards and what they say about rm and friends.
>
> Agreed. Thanks for the feedback. Positive replies are not the only
> sort that are worth a lot :-)

Interesting -- if POSIX requires -f to be silent, we have quite a
bit of work to do, as our rm is not silent in several cases of
failure. And, while checking this, it would be good to see what
the standards say about exit values -- some errors are silent and
return 0; others are noisy and return 1; there may be other
possibilities, but I haven't checked exhaustively.

As for protecting against "rm -rf / foo" as a typo for "rm -rf
/foo", I don't mind if we offer protection against that; but I
see no reason at all to "protect" root from "rm -rf /". It's
fair to say that somebody who types that means it, and it's fair
to go as far as we can in satisfying it.

In any case, the new behaviour should only kick in if some
environment variable is set and should not require doubled -f
options. We all know how rm works and it's not broken.

Greg
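
The policy argued for in this message, sketched as an added C example; it is not code from the thread or from FreeBSD's rm. It refuses only the typo shape (recursive, "/" plus another operand), leaves a lone "rm -rf /" alone, is opt-in through an environment variable, and stays silent under -f as suggested in the quoted text. The variable name RM_SLASH_GUARD and the function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical opt-in switch; the thread does not name a variable. */
#define GUARD_ENV "RM_SLASH_GUARD"

/* True when the operand is the root directory spelled "/", "//", ... */
static int is_root(const char *p)
{
    return *p == '/' && p[strspn(p, "/")] == '\0';
}

/*
 * env is the value of GUARD_ENV (NULL or "" means the guard is off).
 * argv[0] is the program name. Returns 1 to refuse, 0 to proceed.
 */
int slash_typo_guard(const char *env, int argc, char **argv)
{
    int i, rflag = 0, fflag = 0, root = 0, others = 0;

    if (env == NULL || *env == '\0')
        return 0;                       /* default: rm behaves as always */

    for (i = 1; i < argc; i++) {        /* option clusters such as -rf */
        if (strcmp(argv[i], "--") == 0) { i++; break; }
        if (argv[i][0] != '-' || argv[i][1] == '\0')
            break;                      /* first operand ends the options */
        if (strpbrk(argv[i], "rR")) rflag = 1;
        if (strchr(argv[i], 'f')) fflag = 1;
    }
    for (; i < argc; i++) {             /* everything left is an operand */
        if (is_root(argv[i])) root = 1; else others = 1;
    }
    /* A lone "/" is taken as intended; only "/ foo" looks like a typo. */
    if (!(rflag && root && others))
        return 0;
    if (!fflag)                         /* a single -f keeps it silent */
        fprintf(stderr, "rm: \"/\" given together with other operands\n");
    return 1;
}

int main(int argc, char **argv)
{
    /* Exit status 1 on refusal; a real rm would go on to remove files. */
    return slash_typo_guard(getenv(GUARD_ENV), argc, argv);
}
```
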