Subject: Re: CVS commit: src/usr.bin/find
From: Hisashi T Fujinaka <email@example.com>
Date: 02/08/2007 10:45:17
On Thu, 8 Feb 2007, Perry E. Metzger wrote:
> SODA Noriyuki <firstname.lastname@example.org> writes:
>>> How does the rm option introduce a security problem?
>> People may depend on the fact that current "-rm" implementation is
>> secure against the symlink race.
>> And introduction of the correct "-rm" implementation may break
>> the people's assumption. That's a security risk.
> The logic here is amazingly tortured. I can't agree with it. I'd go so
> far as to say that it is pretty much nonsense.
So far I think my summary of the situation is that you added something
as an alias so you can fix it in the future, and is kind of broken or
filled with gotchas for people who want it to work like a regular 'rm'.
I think it should be deleted until someone "fixes" it. It's not like
someone's going to steal the '-rm' option to do something else.
Hisashi T Fujinaka - email@example.com
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte