[Off Topic] Re: Linux security
Peter Garrett
peter.garrett at optusnet.com.au
Fri May 5 07:12:10 UTC 2006
On Fri, 5 May 2006 13:42:52 +0800
"Michael Richter" <ttmrichter at gmail.com> wrote:
> cd /
> <enter a string of commands here and, in the process, forget where you are>
> rm -fR * .old
>
> What was that about "sane defaults" and "graceful error recovery" that
> someone else was blathering on about again? There's not so much as a "are
> you sure you want to kill your system?"-style error message there. The
> "sane default" is to trash your whole file system. From a moment's
> inattention.
Quite true. Of course if the user concerned is using Ubuntu, and has not
enabled a root password, it becomes less likely (not impossible by any
means, just less likely).
I suppose that's one argument in favour of the sudo default as a "sane
default". At least it exits after a command, so unless you consciously
prepend "sudo", you get a permission refusal. I assume, though I don't
intend to test my theory ( heh ), that something similar to "rm -fR /
" could be done on Mac OS-X with sudo.
The same kind of typo can cetainly wipe out a user's own files...
$ pwd
/home/peter
$ rm -fR * .old
$ ls
$
Oops!
Some distros ( Mandrake used to do this) alias rm to 'rm -i' . Personally,
I don't like this, but I can see the thinking.
Peter
More information about the ubuntu-users
mailing list