DragonFly BSD
DragonFly kernel List (threaded) for 2003-09
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: cache_lookup() work this week.

From: Jan Grant <Jan.Grant@xxxxxxxxxxxxx>
Date: Fri, 5 Sep 2003 11:34:31 +0100 (BST)

On Thu, 4 Sep 2003, Matthew Dillon wrote:

> :...
> :
> :Consider also:
> :    cd /a/b/c/d   ;  ln /a/outside
> :Time passes, and someone else types:
> :    cd /a/b/c     ;  rm -Rf *
> :
> :The person will think that they are just safely removing the
> :directory and everything below it, but now they could be
> :removing much more than that.  We'd have to do something to
> :guard against that problem too.  (and these hard links could
> :be created by users with nefarious purposes in mind, so the
> :person doing the 'rm' would have no reason to suspect that
> :this would be an issue).
>     This is a good one, and easy to solve... rm would just unlink() or
>     rmdir() the directory first, whether it is empty or not.  If the unlink
>     succeeds then rm considers its work done.
>     The last instance of the directory would not be unlinkable... rm -rf
>     would have to recurse through and delete the underlying files first.

mkdir -p /a/b/c/d/e
ln /a/b/c /a/b/c/d/e/f
rm -r /a/b

. ..leaves an unreachable cycle.

There are advantages in having a DAG for directory trees. I'm still
trying to figure out what good permitting cycles does.

jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/
New Freedom of Information Act: theirs, to yours. Happy now?

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]