Subject: Re: CVS commit: src/usr.bin/find
To: Perry E. Metzger <email@example.com>
From: SODA Noriyuki <firstname.lastname@example.org>
Date: 02/09/2007 03:32:04
>>>>> On Thu, 08 Feb 2007 13:00:14 -0500,
"Perry E. Metzger" <email@example.com> said:
> It is close enough and I'd rather fix things than get into a situation
> where we argue about whether the option is ever coming back again.
The problems are:
i. The consensus for the necessity of the -rm option is not yet made.
Certain people are objecting to the -rm option.
ii. If the consensus is "no", having the -rm option in the tree causes
an incompatible change (i.e. removing a feature that people may already
depend on.)
iii. Even if the consensus is "yes", there is still the security risk below.
On the other hand, removing "-rm" for now harms nothing.
>> As far as I can tell, removing the "-rm" option harms nothing.
>> On the other hand, leaving the current "-rm" option introduces
>> a security problem as I said.
> How does the rm option introduce a security problem?
People may depend on the fact that the current "-rm" implementation is
secure against the symlink race.
And introduction of the correct "-rm" implementation may break
people's assumption. That's a security risk.