Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Monday April 17 2017, @08:34PM   Printer-friendly
from the people-that-live-in-a-bubble dept.

Edit: The link.

There were lots of good titles for this submission, as in "Breaking news: Poettering clueless?" to finally disprove Betteridge's law, or "systemd surprisingly not as good as advertised" or "Breaking new: systemd broken" or "Poettering censors critics after epic fail".

Systemd implementation of "rm -rf .*" will follow ".." to upper directory and erase /

How to reproduce:
        # mkdir -p /foo/dir{1,2}

        # touch /foo/.bar{1,2}

        # cat /etc/tmpfiles.d/test.conf

        R! /foo/.* - - - - -

        Reboot.

After the issue was fixed, finally Poettering added this gem of wisdom:

I am not sure I'd consider this much of a problem. Yeah, it's a UNIX pitfall, but "rm -rf /foo/.*" will work the exact same way, no?

The answer to this question, as many clarified for him, obviously is a loud "NO!". After being told a couple of times in no uncertain terms, the thread was closed for non-developers

poettering locked and limited conversation to collaborators 4 hours ago

for which I proposed the "freedom-of-speech" department (although I admit it is a weak proposal).


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Funny) by Anonymous Coward on Tuesday April 18 2017, @01:04AM (1 child)

    by Anonymous Coward on Tuesday April 18 2017, @01:04AM (#495626)

    I hope he isn't reading this, because I hate to give him ideas, but...

    First you take the interpretation out of the kernel. Let's say we justify this by solving the problem of a music player having access to your spreadsheets; they should be isolated. So we put each process in a different namespace, then pass them file descriptors to grant access. If an app wants to open something, it sends a D-BUS message (or a newly invented kind of message; that would be more his style) to a server that will respond with the file descriptor. That server of course supplies the dialog box for the file. Apps that fail to cooperate will see no files ever.

    Now that this new service is handling everything, and naturally running as root, it can implement security. Windows 10 ACLs would be the obvious choice. It can be like that, but just a little bit incompatible.

    You might wonder how this would work with the command line. Well, you'll need a special modified bash. It will have a built-in command to make the D-BUS request for opening a file. Wildcards become kind of pointless, since you select files through the GUI anyway, so there is no point in supporting wildcards. Legacy command-line tools can be invoked by using /proc/self/fd/ files, after you tell the shell which number goes with which file.

    Starting Score:    0  points
    Moderation   +5  
       Funny=5, Total=5
    Extra 'Funny' Modifier   0  

    Total Score:   5  
  • (Score: 3, Funny) by maxwell demon on Tuesday April 18 2017, @01:16AM

    by maxwell demon (1608) on Tuesday April 18 2017, @01:16AM (#495630) Journal

    Wildcards become kind of pointless, since you select files through the GUI anyway,

    No, of course to make it work with the command line, you'd add another layer of complexity (and another dependency). The GUI as well as each terminal or terminal emulator register themselves at the server as file selection providers. When a program asks for file selection, the server determines what file selection provider should be used for that process (which, of course, is an error-prone process which often will get surprising results), and then sends a message to the corresponding file selection provider to select a file. The GUI will open a dialog box, while the terminal will show a message and allow text input with tab completion.

    --
    The Tao of math: The numbers you can count are not the real numbers.