Protection from the dreaded "rm -fr /"
David Schultz
das at FreeBSD.ORG
Sat Oct 2 17:19:54 PDT 2004
On Sun, Oct 03, 2004, Giorgos Keramidas wrote:
> On 2004-10-02 17:22, Garance A Drosihn <drosih at rpi.edu> wrote:
> > At 8:57 PM +0300 10/2/04, Giorgos Keramidas wrote:
> > >On 2004-10-02 21:23, Lee Harr <missive at hotmail.com> wrote:
> > >> How about:
> > >> chflags sunlnk /
> > >> ?
> > >
> > >Setting sunlink on / will only protect the / directory, not its
> > >descendants, so you don't gain much.
> >
> > We could add a new flag "srunlnk", or maybe even "srm-r". The "rm"
> > command will always have to stat() the file it is given (just to
> > see if it is a directory), so it could check to see if this flag
> > is turned on. If it is turned on, then 'rm' could refuse to honor
> > any '-rf' request on that directory. [...]
>
> Hmmm. This sounds much better indeed :-)
Give a choice between an elegant 50-line solution involving kernel
changes and a somewhat inelegant but complete 3-line solution, I
have to say I'd opt for the 3-line solution...
More information about the freebsd-hackers
mailing list