Date:      Mon, 30 Oct 2006 21:20:31 +0100
From:      "Simon L. Nielsen" <simon@FreeBSD.org>
To:        Peter Jeremy <peterjeremy@optushome.com.au>
Cc:        freebsd-hackers@freebsd.org, perryh@pluto.rain.com
Subject:   Re: [patch] rm can have undesired side-effects
Message-ID:  <20061030202030.GB1043@zaphod.nitro.dk>
In-Reply-To: <20061030103151.GD871@turion.vk2pj.dyndns.org>
References:  <20061029222847.GA68272@marvin.astase.com> <20061030003628.42bc5f8d@loki.starkstrom.lan> <45455f6a.yNcc0kkyEKpoRv3m%perryh@pluto.rain.com> <20061030083849.GB871@turion.vk2pj.dyndns.org> <20061030103151.GD871@turion.vk2pj.dyndns.org>

On 2006.10.30 21:31:51 +1100, Peter Jeremy wrote:
> On Mon, 2006-Oct-30 19:38:49 +1100, Peter Jeremy wrote:
> >the user is unaware that there are multiple links.  I don't think
> >that just unlinking the file and issuing a warning is a good solution
> >because it's then virtually impossible to locate the other copy(s)
> >of the file, which remains viewable.
> 
> I missed the fact that the warning message includes the inode number.
> My apologies.  This reduces "virtually impossible" to "hard".
> 
> I still think this current behaviour is undesirable and a security
> hole.  Maybe someone from the SO team would like to offer their
> opinion - I might just have my tinfoil hat on too tight tonight.

<With hat "paranoid dude", and not any official FreeBSD hat - I don't
care to think this through enough to say anything with a FreeBSD hat
for the time being, on this topic>

Personally I think rm should do what you ask it to do - if you ask it
to overwrite a file which has multiple links, well... tough luck.  I
guess rm exiting for antifootshoot without -f can be OK, that's still
very visible to the user.  What's currently in -CURRENT is probably a
bad idea since you might end up with a file which you thought you had
deleted, but in fact you haven't.

That said, I wouldn't trust -P to _really_ remove the content of the
files anyway, so personally I don't really care much.  If you want the
file to be gone, use encryption in the first place, or use an appropriate
tool (hammer, axe, C4, etc.).

</>

-- 
Simon L. Nielsen
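
Added example, not part of the original message and not FreeBSD's rm code: a check to run before overwriting or removing a file, which reports the link count and looks for the other names by device and inode number, as the warning discussed above would allow. The function name `link_report` and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile


def link_report(path, search_root):
    """Describe the hard links of `path` before it is overwritten or removed.

    Returns (nlink, others, unaccounted): the inode's link count, the other
    names found under search_root, and how many links were not found there.
    """
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode):
        raise ValueError("not a regular file: %r" % path)
    if st.st_nlink < 2:
        return st.st_nlink, [], 0          # sole name: nothing else to find
    me = os.path.realpath(path)
    others = []
    for dirpath, _dirs, files in os.walk(search_root):
        for name in files:
            cand = os.path.join(dirpath, name)
            try:
                cst = os.lstat(cand)
            except OSError:
                continue                   # vanished or unreadable entry
            # Inode numbers are unique only per filesystem: compare both.
            if (cst.st_dev, cst.st_ino) != (st.st_dev, st.st_ino):
                continue
            if os.path.realpath(cand) != me:
                others.append(cand)
    return st.st_nlink, sorted(others), st.st_nlink - 1 - len(others)


if __name__ == "__main__":
    # Constructed sample tree: secret.txt with a second name in backup/.
    root = tempfile.mkdtemp()
    secret = os.path.join(root, "secret.txt")
    with open(secret, "w") as f:
        f.write("constructed sample data\n")
    os.mkdir(os.path.join(root, "backup"))
    os.link(secret, os.path.join(root, "backup", "copy.txt"))
    nlink, others, unaccounted = link_report(secret, root)
    print("links:", nlink, "other names:", others, "not found:", unaccounted)
```

A non-zero third value means some names lie outside the searched tree, so the data remains reachable somewhere that has not been located.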


