Date: Sat, 2 Oct 2004 23:00:35 +0100 From: Ceri Davies <ceri@submonkey.net> To: Garance A Drosihn <drosih@rpi.edu> Cc: Giorgos Keramidas <keramida@freebsd.org> Subject: Re: Protection from the dreaded "rm -fr /" Message-ID: <20041002220035.GD2493@submonkey.net> In-Reply-To: <p06110421bd84c87e063b@[128.113.24.47]> References: <BAY2-F27PUPeKljq65R00014185@hotmail.com> <20041002175704.GB2230@gothmog.gr> <p06110421bd84c87e063b@[128.113.24.47]>
next in thread | previous in thread | raw e-mail | index | archive | help
--OMnfC9oq5hdMsh0V Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Oct 02, 2004 at 05:22:50PM -0400, Garance A Drosihn wrote: > At 8:57 PM +0300 10/2/04, Giorgos Keramidas wrote: > >On 2004-10-02 21:23, Lee Harr <missive@hotmail.com> wrote: > > > > John Beck, who works for Sun, has posted an entry in his blog > > > > yesterday about "rm -fr /" protection, which I liked a lot: > > > > > > > > http://blogs.sun.com/roller/page/jbeck/20041001#rm_rf_protection > >> > > > > > His idea was remarkably simple, so I went ahead and wrote this > > > > patch for rm(1) of FreeBSD: > > > > >> How about: > >> > >> chflags sunlnk / > >> ? > > > >Setting sunlink on / will only protect the / directory, not its > >descendants, so you don't gain much. >=20 > We could add a new flag "srunlnk", or maybe even "srm-r". The "rm" > command will always have to stat() the file it is given (just to > see if it is a directory), so it could check to see if this flag > is turned on. If it is turned on, then 'rm' could refuse to honor > any '-rf' request on that directory. I love the idea of this; it's the most elegant solution offered yet. I'm also looking forward to the forthcoming bikeshed regarding exactly what the flag should be called. ;-) Ceri --=20 It is not tinfoil, it is my new skin. I am a robot. --OMnfC9oq5hdMsh0V Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBXyUDocfcwTS3JF8RAnBtAJ9DurokB5+yyohTOh2Wf+E/2qTUbwCcD1le sHabZE2tUKfIiPaIhHolZAU= =/IFq -----END PGP SIGNATURE----- --OMnfC9oq5hdMsh0V--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041002220035.GD2493>