From owner-freebsd-hackers@FreeBSD.ORG  Sat Oct  2 23:28:46 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id ED15016A4CE
	for <freebsd-hackers@freebsd.org>;
	Sat,  2 Oct 2004 23:28:46 +0000 (GMT)
Received: from kane.otenet.gr (kane.otenet.gr [195.170.0.27])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2A4BC43D31
	for <freebsd-hackers@freebsd.org>;
	Sat,  2 Oct 2004 23:28:46 +0000 (GMT)
	(envelope-from keramida@freebsd.org)
Received: from gothmog.gr (patr530-b221.otenet.gr [212.205.244.229])
	i92NShmc005775;	Sun, 3 Oct 2004 02:28:44 +0300
Received: from gothmog.gr (gothmog [127.0.0.1])
	by gothmog.gr (8.13.1/8.13.1) with ESMTP id i92NSe8P001816;
	Sun, 3 Oct 2004 02:28:40 +0300 (EEST)
	(envelope-from keramida@freebsd.org)
Received: (from giorgos@localhost)
	by gothmog.gr (8.13.1/8.13.1/Submit) id i92NFkoI001703;
	Sun, 3 Oct 2004 02:15:46 +0300 (EEST)
	(envelope-from keramida@freebsd.org)
Date: Sun, 3 Oct 2004 02:15:46 +0300
From: Giorgos Keramidas <keramida@freebsd.org>
To: Michael Reifenberger <mike@reifenberger.com>
Message-ID: <20041002231546.GD1381@gothmog.gr>
References: <20041002081928.GA21439@gothmog.gr>
	<200410021123.59811.max@love2party.net> <20041002102430.Y5481@thor.farley.org>
	<20041002165155.GP35869@seekingfire.com> <20041002175517.GA2230@gothmog.gr>
	<20041002204851.K24332@fw.reifenberger.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20041002204851.K24332@fw.reifenberger.com>
cc: freebsd-hackers@freebsd.org
Subject: Re: Protection from the dreaded "rm -fr /"
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Oct 2004 23:28:47 -0000

On 2004-10-02 21:16, Michael Reifenberger <mike@reifenberger.com> wrote:
>> Exactly. Who would expect `rm -rf /` to actually succeed? It's not
>> only dangerous, it doesn't work in a useful way ;-)
>>
>> If one is thinking about `rm -rf /`, `newfs` is probably the right
>> answer.
>
> newfs only works if the root is not mounted because otherwise the
> device is locked.

No it doesn't.  You're just protected by GEOM's locking of the partition
table for mounted partitions.

> (Hmm is GEOM too anti foot shooting?

Yes.

> But can't you reenable foot-shooting via sysctl?)

Not via a sysctl, but there is an ioctl to do that now: DIOCSMBR.
See revision 1.14 of src/usr.sbin/boot0cfg/boot0cfg.c for an example.