[patch] rm can have undesired side-effects

Hello

The rm utility provides a "-P" option for overwriting files before
removing them. I was wondering about the behaviour of it on regular
files with more than one hard link.
I just wrote a few lines in a file, created an hard link to it and "rm
-P" the first one. The content of the second one was just lost too.

I wonder if this is a desired feature, in accordance to some standard,
or just something so improbable that nobody got in trouble with it
(yet) ?

I guess that in some circumstances this may be an issue. As an example,
for associating UIDs with user names in an anonymous FTP server, you may
have to provide a copy of the /etc/passwd file... or maybe you will just
think about creating a hard link to it.

I guess that it can be fixed (in case it is not desired) by:
- Ignoring the -P option when the link count is greater then one, or
- Asking the user whether he is ready to lose data, assuming "no" if
the -f option is set, or
- Asking the user whether he is ready to lose data, assuming "yes" if
the -f option is set.


I have attached a patch that implements the first behaviour. I think
here is the best place to speak about this, maybe before thinking about
filling-in a problem-report?

Regards,
Romain

--
Romain Tartiere <romain-tartiere@xxxxxxxxxx> http://romain.astase.com/
pgp: 8DAB A124 0DA4 7024 F82A E748 D8E9 A33F FF56 FF43 (ID: 0xFF56FF43)
(plain text =non-HTML= PGP/GPG encrypted/signed e-mail much appreciated)
diff -ru /usr/src/bin/rm/rm.1 rm/rm.1
--- /usr/src/bin/rm/rm.1 Fri Mar 31 01:58:14 2006
+++ rm/rm.1 Sun Oct 29 22:44:17 2006
@@ -92,6 +92,8 @@
.Nm
to generate an error message and exit.
The file will not be removed or overwritten.
+This option is silently ignored if the file link count is greater than
+one and overwriting it would cause data loss.
.It Fl R
Attempt to remove the file hierarchy rooted in each file argument.
The
diff -ru /usr/src/bin/rm/rm.c rm/rm.c
--- /usr/src/bin/rm/rm.c Tue May 16 18:14:51 2006
+++ rm/rm.c Sun Oct 15 22:55:05 2006
@@ -289,7 +289,7 @@
continue;
/* FALLTHROUGH */
default:
- if (Pflag)
+ if (Pflag && (1 == p->fts_statp->st_nlink))
if (!rm_overwrite(p->fts_accpath, NULL))
continue;
rval = unlink(p->fts_accpath);
@@ -357,7 +357,7 @@
else if (S_ISDIR(sb.st_mode))
rval = rmdir(f);
else {
- if (Pflag)
+ if (Pflag && (1 == sb.st_nlink))
if (!rm_overwrite(f, &sb))
continue;
rval = unlink(f);

Attachment: pgp6wIYIAaXma.pgp
Description: PGP signature