Luis Daniel Lucio Quiroz a écrit :
Helo,
As my experience in security field, to make Mageia more available in enterprise
environments, and specially those that are security paranoid, i'm planning to
port SRM. SRM is a package that does a "secure" file deleting according some
security standards (i dont remember right now names, i guess it is something
in NIST, but that doesnt matter really).
My question is, what should be the procedure that when you install srm, then
the normal rm command could be replaced? i was thinking in pushing an alias
but what other alternatives do i have?
please comment,
LD
At first glance that sounds like a reasonable approach EXCEPT -- a system-level
alias would be over-ridden by a user alias.
A user could innocently have an alias such as :
alias rm="rm -i"
rm is in /bin
- /bin/rm could be replaced with a link to srm, but I don't know if that would
be considered acceptable.
rm would have to be restored if srm were uninstalled
- wouldn't a link in /usr/bin/rm be executed first ?
Of course that doesn't cover execution with root privileges.
An alias in root wouldn't necessarily work, as an admin could inadvertantly
replace it with another. (By loading a new file with some changed alias, for
example.)
But probably less likely than some user doing the same on their profile.
There could be other approaches as well ... :)
--
André
