Hi, Can you honestly tell me there is a use case for allowing 'rm -rf /*' to succeed? If we're going to say that it's dangerous to operate on / then it makes sense to trap /* as well. It doesn't make sense that we should allow the root of the filesystem to be destroyed without this protection just on the say-so of an extra character.
On Fri, May 9, 2014 at 7:35 AM, Pádraig Brady <p...@draigbrady.com> wrote: > On 05/09/2014 08:02 AM, Jessica K. Litwin wrote: > > Package: coreutils > > Version: 8.13-3.5 > > Severity: normal > > > > Dear Maintainer, > > > > In root-dev-ino.h there is logic to prevent the user from doing > > (for example) 'rm -rf /' without --no-preserve-root. It doesn't > > prevent the user from doing 'rm -rf /*'. I can't think of any > > reason why the two should be treated differently; I humbly > > suggest patching root-dev-ino.h so that rm balks if instructed > > to 'rm -rf /*' without --no-preserve-root. > > > > -- System Information: > > Debian Release: 7.5 > > While the effect is the same, 'rm -rf /*' is a more explicit request. > The 'rm -rf /' protection is really a protection against inadvertent > spacing as in 'rm -rf / tmp/blah'. So this proposed additional second > guessing of the user would not be viable upstream. > > thanks, > Pádraig. > -- Jessica K. Litwin e: jess...@litw.in p: (330) 5PRESS5 w: jessicalitwin.com twitter: press5 aim: press5key skype: dr_jkl