<br><br><div><span class="gmail_quote">On 10/2/07, <b class="gmail_sendername">Nathan Boeger</b> <<a href="mailto:nboeger@khmere.com">nboeger@khmere.com</a>> wrote:</span><blockquote class="gmail_quote" style="margin-top: 0; margin-right: 0; margin-bottom: 0; margin-left: 0; margin-left: 0.80ex; border-left-color: #cccccc; border-left-width: 1px; border-left-style: solid; padding-left: 1ex">
Steven Kreuzer wrote:<br>> On Tue, Oct 02, 2007 at 02:22:46PM -0400, Nathan Boeger wrote:<br>><br>>> Steven Kreuzer wrote:<br>>><br>>>> Greetings-<br>>>><br>>>> I am reading through the freebsd-current mailing list and I stumbled upon a
<br>>>> proposed patch that I thought was rather interesting<br>>>><br>>>> Basically, is a patch to rm that first reads ~/.rm before actually removing<br>>>> anything to make sure that what you are trying to delete isn't "protected"
<br>>>><br>>>> Example, if I did rm -rf ~ /bin (when I really wanted ~/bin) it would check<br>>>> to make sure that /bin and ~ are allowed to be removed.<br>>>><br>>>> I am kinda on the fence about this, but think it could be a useful way to
<br>>>> protect yourself from yourself<br>>>><br>>>> Project Page: <a href="http://people.freebsd.org/~daichi/safety-rm/">http://people.freebsd.org/~daichi/safety-rm/</a><br>>>> eMail thread on freebsd-current:
<br>>>> <a href="http://marc.info/?l=freebsd-current&m=119072708632143&w=2">http://marc.info/?l=freebsd-current&m=119072708632143&w=2</a><br>>>><br>>>> What do you think?<br>>>>
<br>>>><br>>>><br>>> So here are a few questions:<br>>><br>>> 1. What if someone aliased: cat /dev/null > ~/.rmrc?<br>>><br>><br>> So you end up with a 0B regular file.<br>
><br>> while (fgets(line, sizeof(line), fp) != NULL)<br>><br>> File is just opened and closed and rm continues on. This would almost be the<br>> same as having no ~/.rm file.<br>><br>Exactly, so some meanie could easily blow your file away. Or worse you
<br>could fat finger it and never know. So it offers little to no help.<br>>> 2. What if rm has the setuid bit on it for some strange reason? Then<br>>> would your ~/.rmrc still be read?<br>>><br>><br>
> rm is just reading the file, not executing it.<br>><br>><br>No, what I mean is the binary rm has setuid not the ~/.rmrc file.<br>>> 3. What if I dd if=/dev/random of=~/.rmrc and make it some huge blob.<br>
>> Could this expose a buffer overrun?<br>>><br>>><br>> Anything is possible. Buffer overflows happen. You use best practices to<br>> try and avoid them, but if they happen, you find the cause and patch it.
<br>><br>><br>Agreed, but going out of your way to potentially create them for no real<br>benefit does not seem practical.<br>>> 4. Will rm need to check if the ~/.rmrc is hard or soft linked?<br>>><br>>>
<br>><br>> I just took a closer look at the patch. The original author only checks to<br>> make sure the file is there, and if it is, makes sure it is owned by the user<br>> and they have read access to it. Might make sense to throw in some checks to
<br>> make sure it is a regular file.<br>><br>><br>Good idea, so what if the user is issuing rm -fR /dir/* that has a lot<br>of files. Would you then check every time? Or would it fail for all?<br>What about: for i in `ls /dir/`; do rm $i; done?
<br><br>And if it took a lot of time to delete all those files and someone<br>updated the ~/.rmrc before it was complete then what? Would that change<br>not be reflected in the current rm process?<br>>> 5. Would rm never be allowed to remove ~/.rmrc or would you need to list
<br>>> it inside its own file?<br>>><br>>><br>><br>> This might break the time continuum and can result in a time<br>> paradox. Don't be surprised.<br>><br>><br>Or worse it could rip a hole into fluidic space and unleash species 8472!
<br><br></blockquote></div>I daresay that you guys have mistakenly stumbled onto the recipe for FTL travel.<br>The hardest part is controlling the space fold caused by using any ol' machine running<br>CURRENT to rm its own ~/.rmrc.
<br><br>Commendable, folks. Physicists will be singing praises, and everyone everywhere<br>will start to use FreeBSD for the new era that it has created for humanity.<br>Wait? Who am I kidding? It'll just be a free-for-all as greedy folks rush to claim
<br>planets, and then we'll end up having yet another Empire vs. Colonies Independence <br>War.<br>