On 04/10/16 15:34, Jim Meyering wrote: > On Tue, Oct 4, 2016 at 5:54 AM, Pádraig Brady <[email protected]> wrote: >> On 04/10/16 12:38, Pádraig Brady wrote: >>> On 04/10/16 03:21, Mohammed Sadiq wrote: >>>> '--no-preserve-root' that can be used to ignore if the path is root when >>>> using >>>> the 'rm' command. >>>> >>>> But as the most of the GNU commands accepts shortened flag as long as >>>> there is no ambiguity, this can be an issue too. So, 'rm --n' may have the >>>> same effect as 'rm --no-preserve-root'. There may be several users unaware >>>> of this feature which can cause several issues. >>>> >>>> 1. A cracker may be able to trick a user to bring a system down using >>>> '--n' flag. >>>> 2. A folder/file name like '--n' as an argument to 'rm' command may >>>> try to delete >>>> the whole files (in case a '/' too appears as an argument), and >>>> the user won't >>>> find a reason why it happened. >>>> >>>> One way to overcome this is set '--no-preserve-roots' too an alias for >>>> '--no-preserve-root'. This means that the user will have include the whole >>>> flag >>>> to ignore root check (shortening will create an ambiguity). >>> >>> An interesting idea. >>> The main focus of the --no-preserve-root option is to protect against >>> accidental insertion of a space with `rm -rf blah /` or `rm -rf $blah/`. >>> With malicious arguments though one can obfuscate using shell quoting, >>> and the recent ls quoting changes are more general protection against that. >>> In saying that I don't see any issue with this, and there is a slight >>> increase in protection, so I'd be 60:40 for making this change. >> >> This would break scripts that used shortened --no-preserve for example, >> though that's quite unlikely to be used. >> >> Implementation is attached. > > I too like the idea. > Did you consider this alternate implementation? > > $ src/rm --no-preserve-root a > src/rm: cannot remove 'a': No such file or directory > [Exit 1] > $ src/rm --no-preserve-roo a > src/rm: you may not abbreviate the --no-preserve-root option > [Exit 1]
More explicit and less hacky. I'll change to that. thanks
