Re: [Off Topic] Re: Linux security



On 5/5/06, Peter Garrett <peter.garrett@xxxxxxxxxxxxxxx> wrote:
On Fri, 5 May 2006 13:42:52 +0800
"Michael Richter" <ttmrichter@xxxxxxxxx> wrote:

> cd /
> <enter a string of commands here and, in the process, forget where you are>
> rm -fR * .old
>
> What was that about "sane defaults" and "graceful error recovery" that
> someone else was blathering on about again? There's not so much as a "are
> you sure you want to kill your system?"-style error message there. The
> "sane default" is to trash your whole file system. From a moment's
> inattention.

Quite true. Of course if the user concerned is using Ubuntu, and has not
enabled a root password, it becomes less likely (not impossible by any
means, just less likely).

I suppose that's one argument in favour of the sudo default as a "sane
default". At least it exits after a command, so unless you consciously
prepend "sudo", you get a permission refusal. I assume, though I don't
intend to test my theory ( heh ), that something similar to "rm -fR /
" could be done on Mac OS-X with sudo.

The same kind of typo can cetainly wipe out a user's own files...

$ pwd
/home/peter
$ rm -fR * .old
$ ls
$

Oops!

Some distros ( Mandrake used to do this) alias rm to 'rm -i' . Personally,
I don't like this, but I can see the thinking.

rm -i doesn't save you from -fr. I know, because one of the first
things I did when coming to Ubuntu from Mandriva was precisely alias
cp, mv and rm to their -i equivalents, and rm -rf still
works-as-advertised. I'll go out on a limb, though, and say that if
you're running as root, don't know in which dir you're working, and
use rm -rf when graphical desktops with trashcans are there to help
you, you deserve it.

rm -rf _is_not_the_default_. rm is the default, and it doesn't delete
non-empty directories recursively on its own. If you open the trashcan
properties, say in some way that everything should be deleted, not
moved there, and then delete some folders in windows as an admin, you
get a similar behaviour. It's not the default, and nobody says it is.
It's an option provided by the system to those who know what they do,
or should. And if they don't, they get an accelerated crash-course.

I frankly don't agree with people that insist that _every_ part of the
unix system should be user-friendly. If you don't want random
accidental destruction through misuse of spaces (rm -fR * .old), don't
use the shell for file management. You've got Nautilus. You've got
Konqueror. There's even mc. The shell comes at a price.

--
Adriano Varoli Piazza
The Inside Out: http://moranar.com.ar
ICQ: 4410132
MSN: moranar@xxxxxxxxx

--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users