Path: utzoo!attcan!uunet!comdesign!canary!pst
From: pst@canary.cdi.com (Paul Traina)
Newsgroups: comp.unix.wizards
Subject: Re: fixing rm * (was: Worm/Passwords)
Message-ID: <564@comdesign.CDI.COM>
Date: 16 Nov 88 18:30:11 GMT
References: <1232@atari.UUCP>
Sender: news@comdesign.CDI.COM
Lines: 39

From article <1232@atari.UUCP>, by achar@atari.UUCP (Alan Char):
< Actually, you can change the shell.  (Nowadays, that's more like three to
< five things.)  For example, I would REALLY appreciate in csh a variable
< 
< 	set expandcheck=5
< 
< So that if some shell expansion expanded to more than 5 things, it would
< prompt for confirmation:
< 
< 	% rm * .o
< 	*: matches 400 files, are you sure?
< 
< Comments on this idea?  --Alan

I'll assume (from the gist of the protection) that this is to stop
stupidity, rather than a deliberate attack.  After all, a worm would
either know what to do at this point, or more likely, have used unlink(2).

My question is,  if we have the shell fix it,  how can we get the shell
to understand flags passed to the executable?  To give an example, if I
do 'rm * .o' I probably wouldn't mind seeing the match message come up.

However, 'rm -f * .o' means do it, yes I mean it, don't ask stupid questions.
I would use it in a shell script no doubt.  Now of course, it's pretty unlikely
that's what I meant.  Perhaps better consistency checking in rm itself would
be the answer.

For instance,  have rm (if -f is not used) check each path parameter passed to
it.  If one doesn't match at existing file at all, ask that the command be
confirmed.  Well, like any solution that's been discussed so far, this has
problems too.  I guess the best solution would be a modification of the human
involved so s/he always types what s/he means to type.  hmmm.

Comments on these ideas?

------
Paul Traina				To believe that what is true for
{uunet|pyramid}!comdesign!pst		you in your private heart is true
pst@cdi.com				for all men, that is genius.