Hi Jiri,

Jiri B. wrote on Sat, Dec 04, 2010 at 12:37:03PM +0100:

> I was playing with file flags in /tmp, after reboot I saw
> that /etc/rc cannot `rm' files with flags.

When causing an exceptionally ugly mess by hand,
i'd say cleaning up that mess by hand is a sane approach.

Scripts like rc(8) and daily(8) are supposed to cover maintenance
issues related to normal and sane usage of the system.
I'm not sure setting uchg in /tmp belongs into that class.

Besides, if i read the rc(8) code correctly, there is no real problem
with the current code.  The rc(8) script throws error messages,
which makes sense, but the boot doesn't fail, right?

> -    find . ! -name . ! -name lost+found ! -name quota.user \
> -     ! -name quota.group -execdir rm -rf -- {} \; -type d -prune)
> +    find . ! -name . ! -name lost+found ! -name quota.user ! -name 
> quota.group \
> +     -execdir sh -c 'i="{}"
> +     flag="`ls -ldo $i | sed "s/\([^ ]*\)\  \([^ ]*\)\ \([^ ]*\)\  \([^ 
> ]*\)\  \([^ ]*\)\(.*\)/\5/"`"
> +     if [ X"$flag" != X"-" ]; then
> +     chflags -R nosappnd,noschg,nouappnd,nouchg $i
> +     fi
> +    rm -rf -- $i' \; -type d -prune)
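Review bot: the `i="{}"` assignment inside the `sh -c` script lets find paste each file name into the script text, so a name in /tmp containing a double quote, a backquote or `$(...)` is parsed by sh as code while /etc/rc runs. Keep the script constant and hand the name over as a positional parameter instead (`sh -c '...' sh {}` and `"$1"` inside the script). The later uses `ls -ldo $i`, `chflags -R ... $i` and `rm -rf -- $i` also need double quotes around the variable, since unquoted names containing spaces or glob characters are split or expanded before the command sees them.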

Even if we would decide to deal with that exotic issue automatically,

  -execdir sh -c ... $( ... )

looks like a terrible approach to me.  It's exceedingly complex, hard
to understand and probably dangerous.  For example, what happens
if you - as a normal user! - create a file called

  ";cd ..;rm -rf home"

This may need a bit of tuning to work, but just trying to work out
how to design and prevent such attacks leads into a nightmare.
All this could certainly be done better with find(1) -flags,
but i would prefer keeping this code as simple as possible
and not trying to deal with flags.

Yours,
  Ingo
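
The file-name problem raised in the message above, reproduced in a scratch directory as an added example (not part of the original mail and not rc(8) code). The names NAME, probe, run_embedded and run_positional and the marker file INJECTED are constructed for the demo, the payload only creates an empty file, and -exec stands in for -execdir so the demo runs on any find(1).

```shell
#!/bin/sh
# Constructed file name: it closes the quote opened by i="{}" and appends
# a harmless command that only creates an empty marker file.
NAME='x";touch INJECTED;:"'

# probe ARGS...: create a scratch directory holding one file called $NAME,
# run `find . -type f -exec ARGS... \;` inside it, and print 1 if the marker
# file appeared (the name was executed as code) or 0 if it did not.
probe() {
    d=$(mktemp -d) || return 1
    : > "$d/$NAME"
    (cd "$d" && find . -type f -exec "$@" \;) >/dev/null 2>&1 || :
    if [ -e "$d/INJECTED" ]; then r=1; else r=0; fi
    rm -rf -- "$d"
    echo "$r"
}

# Pattern used by the quoted patch: find substitutes the name into the
# script text, so sh parses the file name as part of the program.
run_embedded() {
    probe sh -c 'i="{}"; ls -ld -- "$i"'
}

# Hardened form: the script text is constant and the name arrives as "$1",
# so it is only ever treated as data.
run_positional() {
    probe sh -c 'ls -ld -- "$1"' sh {}
}

echo "name embedded in script: marker created = $(run_embedded)"
echo "name passed as \$1:       marker created = $(run_positional)"
```
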
