On 04/10/16 03:21, Mohammed Sadiq wrote: > '--no-preserve-root' that can be used to ignore if the path is root when using > the 'rm' command. > > But as the most of the GNU commands accepts shortened flag as long as > there is no ambiguity, this can be an issue too. So, 'rm --n' may have the > same effect as 'rm --no-preserve-root'. There may be several users unaware > of this feature which can cause several issues. > > 1. A cracker may be able to trick a user to bring a system down using > '--n' flag. > 2. A folder/file name like '--n' as an argument to 'rm' command may > try to delete > the whole files (in case a '/' too appears as an argument), and > the user won't > find a reason why it happened. > > One way to overcome this is set '--no-preserve-roots' too an alias for > '--no-preserve-root'. This means that the user will have include the whole > flag > to ignore root check (shortening will create an ambiguity).
An interesting idea. The main focus of the --no-preserve-root option is to protect against accidental insertion of a space with `rm -rf blah /` or `rm -rf $blah/`. With malicious arguments though one can obfuscate using shell quoting, and the recent ls quoting changes are more general protection against that. In saying that I don't see any issue with this, and there is a slight increase in protection, so I'd be 60:40 for making this change. cheers, Pádraig.
