Re: [patch] rm can have undesired side-effects

On Sun, 29 Oct 2006 23:28:47 +0100
Romain Tartiere <romain-tartiere@xxxxxxxxxx> wrote:

The rm utility provides a "-P" option for overwriting files before
removing them. I was wondering about the behaviour of it on regular
files with more than one hard link.
I just wrote a few lines in a file, created an hard link to it and "rm
-P" the first one. The content of the second one was just lost too.

Of course. It is the same file. Every other outcome would indicate
a serious bug somewhere in the filesystem code.

I guess that it can be fixed (in case it is not desired) by:
- Ignoring the -P option when the link count is greater then one, or

Silently ignoring user specified options is seldom a good way to go.
The user explicitly stated he wants to wipe the file contents.

- Asking the user whether he is ready to lose data, assuming "no" if
the -f option is set, or
- Asking the user whether he is ready to lose data, assuming "yes" if
the -f option is set.

As -f is the `i know how to shoot my feet' option, a user should be
allowed to do so, therefor the second one of these two is better.

I guess it boils down to the question how well people understand the
linkcount in `ls -l' and how much FreeBSD wants to hold the user's hand.

Personally, i'd go nuts if rm(1) constantly asks if I am sure I want
to delete that file, because deleted files are lost. If I ever want
that, I can set `rm -i' as alias for rm.

Joerg
--
| /"\ ASCII ribbon | GnuPG Key ID | e86d b753 3deb e749 6c3a |
| \ / campaign against | 0xbbcaad24 | 5706 1f7d 6cfd bbca ad24 |
| X HTML in email | .the next sentence is true. |
| / \ and news | .the previous sentence was a lie. |

Attachment: signature.asc
Description: PGP signature