Re: Protection from the dreaded "rm -fr /"

From: Ceri Davies (ceri_at_submonkey.net)
Date: 10/03/04

  • Next message: soralx_at_cydem.org: "Re: Protection from the dreaded "rm -fr /"" 
    Date: Sat, 2 Oct 2004 23:00:35 +0100
To: Garance A Drosihn <drosih@rpi.edu>

    On Sat, Oct 02, 2004 at 05:22:50PM -0400, Garance A Drosihn wrote:
    > At 8:57 PM +0300 10/2/04, Giorgos Keramidas wrote:
    > >On 2004-10-02 21:23, Lee Harr <missive@hotmail.com> wrote:
    > > > > John Beck, who works for Sun, has posted an entry in his blog
    > > > > yesterday about "rm -fr /" protection, which I liked a lot:
    > > > >
    > > > > http://blogs.sun.com/roller/page/jbeck/20041001#rm_rf_protection
    > >> >
    > > > > His idea was remarkably simple, so I went ahead and wrote this
    > > > > patch for rm(1) of FreeBSD:
    > > >
    > >> How about:
    > >>
    > >> chflags sunlnk /
    > >> ?
    > >
    > >Setting sunlink on / will only protect the / directory, not its
    > >descendants, so you don't gain much.
    >
    > We could add a new flag "srunlnk", or maybe even "srm-r". The "rm"
    > command will always have to stat() the file it is given (just to
    > see if it is a directory), so it could check to see if this flag
    > is turned on. If it is turned on, then 'rm' could refuse to honor
    > any '-rf' request on that directory.

    I love the idea of this; it's the most elegant solution offered yet.

    I'm also looking forward to the forthcoming bikeshed regarding exactly
    what the flag should be called. ;-)

    Ceri 

    -- 
It is not tinfoil, it is my new skin.  I am a robot.

  • Next message: soralx_at_cydem.org: "Re: Protection from the dreaded "rm -fr /""

    Relevant Pages