Revised posting of "Modified rm command"

Revised posting of "Modified rm command"

Post by Carl Lowenste » Tue, 08 Nov 1994 14:42:08




|:What I did not make clear is that the rm command should have
|:the ability to not give a chance to remove certain directories or
|:files at all. For eg. / or vmunix.
|:So if it could read a config file everytime a rm command is issued,
|:and check if the user is trying to delete a sacred file or directory,
|:it could prevent its deletion.

|:Aliasing rm to rm -i is not an option. (Users bypass the alias quite easily)
|
|What a silly notion.  They'll bypass rm if they want.  unlink() isn't privileged.
|
|--tom

Isn't this what Unix file-system permissions are all about?
Make the directory containing the sacred file un-writeable by the
casual user.  For good measure, make the file also un-writeable.

    carl
--
        carl lowenstein         marine physical lab     u.c. san diego


 
 
 

Revised posting of "Modified rm command"

Post by Tom Christianse » Tue, 08 Nov 1994 04:15:43



:This was my original note:
:
:>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
:Hi:
:
:I am trying  to find out if anybody out there has modified
: to find out if anybody out there has modified
:the "rm" command to prevent (recursive) removal of important
:files and subdirectories. Any ideas ????

:>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
:
:
:What I did not make clear is that the rm command should have
:the ability to not give a chance to remove certain directories or
:files at all. For eg. / or vmunix.
:So if it could read a config file everytime a rm command is issued,
:and check if the user is trying to delete a sacred file or directory,
:it could prevent its deletion.
:
:Aliasing rm to rm -i is not an option. (Users bypass the alias quite easily)

What a silly notion.  They'll bypass rm if they want.  unlink() isn't privileged.

--tom
--

As the trials of life continue to take their toll, remember that there
is always a future in Computer Maintenance.
                --National Lampoon, "Deteriorada"

 
 
 

1. Revised posting of "Modified rm command"


|>
|> To work properly, this *cannot* rely on changes to the "rm" utility.
|> For example:
|>   $ rm /tmp/keepme
|>   rm: local enhancement: /tmp/keepme is not deletable by "rm".
|>   $ cat>foo.c
|>   main(int argc,char**argv){return unlink(argv[1]);}
|>   ^D
|>   $ cc foo.c
|>   $ ./a.out /tmp/keepme
|>   $ ls /tmp/keepme
|>   ls: /tmp/keepme: no such file or directory

Thats the reason why Solaris 2.x is sold without cc ;)

However, one would do then:

        $ rm /tmp/keepme
        rm: local enhancement: /tmp/keepme is not deletable by "rm".
        $ mv /tmp/keepme /tmp/removeme
        $ rm /tmp/removeme
        ...

ACLs should be Unix standard (but probably won't as long as they
are not built into Berkeley UFS...)

--
+-o-+--------------------------------------------------------+-o-+
| o |               \\\- Brain Inside -///                   | o |
| o |                   ^^^^^^^^^^^^^^                       | o |

+-o-+--------------------------------------------------------+-o-+

2. Format.dat entries?

3. adding users problem

4. "Modified rm command"

5. 2.5.54 kill module.h compiler warnings

6. GETSERVBYNAME()????????????????????"""""""""""""

7. What happened to lookup_dentry?

8. "write" "to" "flon" commands

9. "weof" operation in "mt" command gives "permission denied"

10. """"""""My SoundBlast 16 pnp isn't up yet""""""""""""

11. ". / command" instead of "command" ???

12. HELP: "TOP" Command and "SZ" command