On Fri, 2008-03-28 at 17:27 +0100, Denys Vlasenko wrote: > On Friday 28 March 2008 17:11, Joakim Tjernlund wrote: > > > Well, GNU cp also copies TO dest symlink's target too, > > > which is incredibly careless. Hell knows where that symlink points - > > > /etc/passwd? /dev/sda? Cool, eh? > > > > Very :) But then again perhaps this is the right thing to do. Why > > follow the symlink in one direction but not the other? > > In my view usability and security should trump "abstract correctness" > and "symmetry" considerations. > > How can root use safely copy a file to user-owned directory? > > Obviously, "cp somefile /home/user/somefile" > > What will happen if user created malicious symlink > /home/user/somefile -> /dev/sda? Should cp STILL write to > symlink's target despite it being dangerous? > > > > Instead of wanting cp to be a mix of copy and cat, why don't you use > > > cat when you want to say "please open and read from this > > > file/device/pipe"? > > > That would be unambiguous. (Same holds for writing TO things - use >file). > > > > maybe, but then cp should be fixed to not copy the contents of a > > symlink? > > If you ask me, yes, I'd prefer "cp" to copy files in the sense > "create the same destination file/link/device/fifo". > We already have cat/dd/etc for reading (as opposed to "copying"). > But that would diverge from POSIX too much... > > > What about cp myfile /dev/mtdblock1? Currently cp copies the contents of > > myfile to the flash. > > I didn't like it, but decided to make it work - there are people > which are using this (mis)feature, and POSIX says it should work that way. > -- > vda
OK, all good points above. Sorry for the noise Jocke _______________________________________________ busybox mailing list [email protected] http://busybox.net/cgi-bin/mailman/listinfo/busybox
