diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2011-August/007239.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2011-August/007239.html | 143 |
1 files changed, 143 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2011-August/007239.html b/zarb-ml/mageia-dev/2011-August/007239.html new file mode 100644 index 000000000..52f2cf04e --- /dev/null +++ b/zarb-ml/mageia-dev/2011-August/007239.html @@ -0,0 +1,143 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] RM replacement + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20RM%20replacement&In-Reply-To=%3C4E3B76AD.3020005%40laposte.net%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="007236.html"> + <LINK REL="Next" HREF="007242.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] RM replacement</H1> + <B>andre999</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20RM%20replacement&In-Reply-To=%3C4E3B76AD.3020005%40laposte.net%3E" + TITLE="[Mageia-dev] RM replacement">andr55 at laposte.net + </A><BR> + <I>Fri Aug 5 06:50:53 CEST 2011</I> + <P><UL> + <LI>Previous message: <A HREF="007236.html">[Mageia-dev] RM replacement +</A></li> + <LI>Next message: <A HREF="007242.html">[Mageia-dev] RM replacement +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#7239">[ date ]</a> + <a href="thread.html#7239">[ thread ]</a> + <a href="subject.html#7239">[ subject ]</a> + <a href="author.html#7239">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Luis Daniel Lucio Quiroz a écrit : +><i> Le Jeudi 04 Août 2011 18:39:35 andre999 a écrit : +</I>>><i> Luis Daniel Lucio Quiroz a écrit : +</I>>>><i> Helo, +</I>>>><i> +</I>>>><i> As my experience in security field, to make Mageia more available in +</I>>>><i> enterprise environments, and specially those that are security +</I>>>><i> paranoid, i'm planning to port SRM. SRM is a package that does a +</I>>>><i> "secure" file deleting according some security standards (i dont +</I>>>><i> remember right now names, i guess it is something in NIST, but that +</I>>>><i> doesnt matter really). +</I>>>><i> +</I>>>><i> My question is, what should be the procedure that when you install srm, +</I>>>><i> then the normal rm command could be replaced? i was thinking in +</I>>>><i> pushing an alias but what other alternatives do i have? +</I>>>><i> +</I>>>><i> please comment, +</I>>>><i> +</I>>>><i> LD +</I>>><i> +</I>>><i> At first glance that sounds like a reasonable approach EXCEPT -- a +</I>>><i> system-level alias would be over-ridden by a user alias. +</I>>><i> A user could innocently have an alias such as : +</I>>><i> alias rm="rm -i" +</I>>><i> +</I>>><i> rm is in /bin +</I>>><i> - /bin/rm could be replaced with a link to srm, but I don't know if that +</I>>><i> would be considered acceptable. +</I>>><i> rm would have to be restored if srm were uninstalled +</I>>><i> +</I>>><i> - wouldn't a link in /usr/bin/rm be executed first ? +</I>>><i> Of course that doesn't cover execution with root privileges. +</I>>><i> An alias in root wouldn't necessarily work, as an admin could inadvertantly +</I>>><i> replace it with another. (By loading a new file with some changed alias, +</I>>><i> for example.) +</I>>><i> But probably less likely than some user doing the same on their profile. +</I>>><i> +</I>>><i> There could be other approaches as well ... :) +</I>><i> +</I>><i> You are right! :) +</I>><i> +</I>><i> Well another option could be this: +</I>><i> +</I>><i> a. we change coreutils to install /bin/rm as /bin/rm.vanilla (or other name, +</I>><i> that really doesnt matter), +</I>><i> b. i change srm to install itself in /bin instead of /usr/bin +</I>><i> c. we place alternatives in both packages to provide /bin/rm, giving +</I>><i> preference to srm if installed, otherwise it will use rm of coreutils +</I>><i> +</I>><i> LD +</I> +That would probably be the ideal approach. But it might take a while to get +the changes accepted in coreutils. + +Maybe it could be all done from srm ? +On srm install, +a. rename /bin/rm to /bin/rm.vanilla (or rm.original or ?) +b. create /bin/rm link to /bin/srm + +On srm uninstall, we ensure that +a. rm /bin/rm link +b. rename /bin/rm.vanilla to /bin/rm + +Hopefully that could be done reliably, with an uninstall script. + +-- +André +</PRE> + + + + + + + + + + + + + + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="007236.html">[Mageia-dev] RM replacement +</A></li> + <LI>Next message: <A HREF="007242.html">[Mageia-dev] RM replacement +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#7239">[ date ]</a> + <a href="thread.html#7239">[ thread ]</a> + <a href="subject.html#7239">[ subject ]</a> + <a href="author.html#7239">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |