[Mageia-dev] RM replacement

Fri Aug 5 01:36:13 CEST 2011

Le Jeudi 04 Août 2011 18:39:35 andre999 a écrit :
+> Luis Daniel Lucio Quiroz a écrit :
+> > Helo,
+> > 
+> > As my experience in security field, to make Mageia more available in
+> > enterprise environments, and specially those that are security
+> > paranoid, i'm planning to port SRM.  SRM is a package that does a
+> > "secure" file deleting according some security standards (i dont
+> > remember right now names, i guess it is something in NIST, but that
+> > doesnt matter really).
+> > 
+> > My question is, what should be the procedure that when you install srm,
+> > then the normal rm command could be replaced?  i was thinking in
+> > pushing an alias but what other alternatives do i have?
+> > 
+> > please comment,
+> > 
+> > LD
+> 
+> At first glance that sounds like a reasonable approach EXCEPT -- a
+> system-level alias would be over-ridden by a user alias.
+> A user could innocently have an alias such as :
+> alias rm="rm -i"
+> 
+> rm is in /bin
+> - /bin/rm could be replaced with a link to srm, but I don't know if that
+> would be considered acceptable.
+> rm would have to be restored if srm were uninstalled
+> 
+> - wouldn't a link in /usr/bin/rm be executed first ?
+> Of course that doesn't cover execution with root privileges.
+> An alias in root wouldn't necessarily work, as an admin could inadvertantly
+> replace it with another.  (By loading a new file with some changed alias,
+> for example.)
+> But probably less likely than some user doing the same on their profile.
+> 
+> There could be other approaches as well ... :)
+
+You are right! :)
+
+Well another option could be this:
+
+a. we change coreutils to install /bin/rm as  /bin/rm.vanilla (or other name, 
+that really doesnt matter),
+b. i change srm to install itself in /bin instead of /usr/bin
+c. we place alternatives in both packages to provide /bin/rm, giving 
+preference to srm if installed, otherwise it will use rm of coreutils
+
+LD
+