Re: [patch] rm can have undesired side-effects



--- Bakul Shah <bakul@xxxxxxxxxxxxx> wrote:

Sorry if I tuned in late:-)

I vote for taking *out* -P. It is an ill-designed
feature.
Or if you keep it, also add it to mv, cp -f & ln -f
since
these commands can also unlink a file and once
unlinked in
this matter you can't scrub it. And also fix up the
behavior
for -P when multiple links. And since mv can use
rename(2),
you will have to also dirty up the kernel interface
somehow.
Not to mention even editing such a sensitive file
can leave
stuff all over the disk that a bad guy can get at.
If you
are truely paranoid (as opposed to paranoid only
when on
meds) you know how bad that is!

If you are that concious about scrubbing why not add
scrubbing as a mount option (suggested option: -o
paranoid)
then at least it will be handled consistently.

What's the world come to when even the paranoid are
such
amateurs.

-- bakul


Based on all the potential situations where a -P
option may possibly be implemented, is it worthwhile
considering creating a command that just scrubs a
file, and does nothing else. This would seem to fit
the Unix paradigm of single command to do a single
thing, and may be preferable to attempting to embed
this function in every command that may "possibly"
remove a file.

Just my 2c

Tim



____________________________________________________________________________________
Low, Low, Low Rates! Check out Yahoo! Messenger's cheap PC-to-Phone call rates
(http://voice.yahoo.com)

_______________________________________________
freebsd-hackers@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: [patch] rm can have undesired side-effects
    ... if the file has multiple links, and option -f was not specified, return with error. ... optionally, unlink the file. ... are truely paranoid (as opposed to paranoid only ... the Unix paradigm of single command to do a single ...
    (freebsd-hackers)
  • Re: fooled by shifting date
    ... Maybe I wasn't being paranoid after all :-) ... A possible solution would be to have a separate command to wake ...
    (comp.lang.tcl)
  • Re: [patch] rm can have undesired side-effects
    ... Thinking over the possible behaviours of -P is to ... a "shred" command should ... are truely paranoid (as opposed to paranoid only ... system/media. ...
    (freebsd-hackers)
  • Re: how to accept pipes or command line args in C
    ... templates if insufficient command line arguments are specified. ... Anyway, you can read from stdin by, well, reading from stdin. ... You all think I'm paranoid, ...
    (comp.programming)
  • Re: Moving /USR
    ... This was done from the command ... Once the upgrade was complete I just logged out and ... logged back in again and, bingo, I'm running Xorg now. ... you can't unlink them and create a new file with the same name. ...
    (uk.comp.os.linux)