Collin Funk <collin.funk1@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.Received: (at 79218) by debbugs.gnu.org; 11 Aug 2025 16:00:57 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Aug 11 12:00:57 2025 Received: from localhost ([127.0.0.1]:49852 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ulUxE-0006Kz-PH for submit <at> debbugs.gnu.org; Mon, 11 Aug 2025 12:00:57 -0400 Received: from mail-wm1-x329.google.com ([2a00:1450:4864:20::329]:51225) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <pixelbeat@HIDDEN>) id 1ulUx7-0006KO-VC for 79218 <at> debbugs.gnu.org; Mon, 11 Aug 2025 12:00:51 -0400 Received: by mail-wm1-x329.google.com with SMTP id 5b1f17b1804b1-45a0dc77a15so4814085e9.2 for <79218 <at> debbugs.gnu.org>; Mon, 11 Aug 2025 09:00:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1754928042; x=1755532842; darn=debbugs.gnu.org; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :sender:from:to:cc:subject:date:message-id:reply-to; bh=ZraEppkncUACTbhPnoJsr9HJiX+GhIDZyTq9z0jemxk=; b=b0AbJJFR7lyVz6d8o0ZUR0lTKdxsBXtsHWf5W1MUgCkg1SrH43lQJJrDHISsKRkAmk h2ncqmr5TTpd7JlHfjsqcCz0YlXmDtOwGxY9B9A90ykdfovVuZ2HPskSCL43frrX9Q7V BZiHxDt9adjw6ZH7VTt8idh9b0vpHBFO4FogcCcV9Xsfz1FlLpJpnnbUr01Ph5KMO0A4 Jf3fMSgnNWi5YKG0KpKdNWbBnjNjjPmoqnLVnIM/LCjwLM7jJ/e9qydmfqCUlnZCaLzw yFaux+X95J74mr8VVX7hWnDGpSkWfBNsl09alw2IHaX06DI4Uk/dAUWVgBntYxhMNudI aVTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1754928042; x=1755532842; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :sender:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ZraEppkncUACTbhPnoJsr9HJiX+GhIDZyTq9z0jemxk=; b=UojV6CdyK1oJSJJn+vEKzhKTzAKDjU8FfE/8G2QiAb+D+f7eA9+w4p2oS3pmZKUQ5d YZcU2+N1jNvQMMbXdkuBiUCTFCZsypgZ9ApEoYiiY/4m/F2YAhXVPepMKSZd+hZK83dE UN81tHp+iWFfz+IpYqTbj/BwM8sgnP67K32JNHAwJMhEgsYCxNglGHitwqwnSSYOsBKF 4+3X0AE+6nfEnBFa1lKIY0sz9xthF7gDuYv15pKjjsGq4v2WQNjyaM/zESzA1op0nxsy OjFFieY24IWiqyCPon/8IZUfsG1RxFOZrFppxBMBUyKho27O7tHWllk+QXdX1WaH2Mud 2JaQ== X-Forwarded-Encrypted: i=1; AJvYcCUBUD1wpJTbRKlXBfyAernOFTHYxyXoF+qfTYYAgRD3aEEV5BMFsJNCad+FtaJhXN7E9wjZtA==@debbugs.gnu.org X-Gm-Message-State: AOJu0YwVMlog7/1ew4Oe6O3bQrzBoYeUgyAHr30CJQR3jc2qXh1Oon7Y arMg92fmI2WIN5opbc4ld69zY9PptYk5VmnFw5psgDjELkoX/PXVIVCg X-Gm-Gg: ASbGncvymrEzRiZp+FnbaxE7VfQDInU17cMqVgzwlRI0+4fC+Cl07aM1ogZMcdAcKKt GDZQvtvGLMiLBjGrRszstioBtP2Z5uOy8hxvGO833Q2Fm2LpNctYudpCD7Xfxl52XeAHUmrH4nK gMpCL3vhYNThpcpuQ3iwpMR6ERlHPUwLl3EhMQOEqOEWd7F2xs8fEwG65YU68fDfE7LOsjf+Kv5 /IC/0es1zGyCizel4bxx+NHJxCp+mWvVCON4EUs4cd87oCM/d6qz8Z2rIb1pU52dpX66pvS810P Km2n8cMl4qDOg0dyDxqsc2Vgg3nCzFaD6uN+VgvXg2mKzcJwrhKHfBJ3RGyLXB6TrDb1CcABMST S+4dmUtn5+JsrNdUvdZX+UIohnojdvVV1XjsRwqDmHJPrqO0sP5Pdi9acbZ/Sp0t0bQHqJcbQ4X 8Bng== X-Google-Smtp-Source: AGHT+IFVUIi9fB4nPaKzRcxgRrFEm9U8XD2L372LbM22e2iZQ44s/ZYABSa6RCD7MaphdW4AbEQYgw== X-Received: by 2002:a05:600c:4f0c:b0:456:26a1:a0c1 with SMTP id 5b1f17b1804b1-45a10c003d0mr2415225e9.17.1754928042137; Mon, 11 Aug 2025 09:00:42 -0700 (PDT) Received: from [192.168.1.31] (86-44-211-146-dynamic.agg2.lod.rsl-rtd.eircom.net. [86.44.211.146]) by smtp.googlemail.com with ESMTPSA id 5b1f17b1804b1-4595cfea56fsm223795715e9.1.2025.08.11.09.00.40 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 11 Aug 2025 09:00:41 -0700 (PDT) Message-ID: <b1e0a1d1-9038-43b0-805d-849e06b79aec@HIDDEN> Date: Mon, 11 Aug 2025 17:00:38 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Beta Subject: Re: bug#79218: BUG: sudo rm -rf /* removes without --no-preserve-root To: Doctorixx <jebpip2008@HIDDEN>, 79218 <at> debbugs.gnu.org References: <CAC9Z=V0ajBXfmK1Ga6XA7XH940cK6OwzFkApOyh2UBy1Pq_pFw@HIDDEN> Content-Language: en-US From: =?UTF-8?Q?P=C3=A1draig_Brady?= <P@HIDDEN> In-Reply-To: <CAC9Z=V0ajBXfmK1Ga6XA7XH940cK6OwzFkApOyh2UBy1Pq_pFw@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Score: 0.1 (/) X-Debbugs-Envelope-To: 79218 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.9 (/) On 11/08/2025 11:16, Doctorixx wrote: > Hello coreutils maintainers, > > I noticed a potentially dangerous difference in how rm handles the / and /* > patterns. > > Currently: > > $ sudo rm -rf / > rm: it is dangerous to operate recursively on '/' > rm: use --no-preserve-root to override this failsafe > > This prevents accidental deletion of the root directory. > > However: > > $ sudo rm -rf /* > > This command will proceed to remove the contents of /, effectively > destroying the system, without any warning. > > While this is technically correct according to shell expansion rules, it > may be surprising for some users. People might assume /* is just as > protected as /, but the safeguard doesn’t apply. > > P.S.: I removed root( Unfortunately, rm doesn't see the "/*", it only see's the individual paths, as the shell does the expansion before executing rm. A more problematic expansion might be inadvertently adding a space after ~/. For example if you wanted to `rm -Rf ~/foo/` but instead did `rm -Rf ~/ foo/`. This is something we could potentially protect against I suppose. cheers, Padraig
bug-coreutils@HIDDEN:bug#79218; Package coreutils.
Full text available.
Received: (at 79218) by debbugs.gnu.org; 11 Aug 2025 15:53:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Aug 11 11:53:19 2025
Received: from localhost ([127.0.0.1]:49838 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1ulUpq-0005ue-Qe
for submit <at> debbugs.gnu.org; Mon, 11 Aug 2025 11:53:19 -0400
Received: from mail-pj1-x102d.google.com ([2607:f8b0:4864:20::102d]:58834)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.84_2) (envelope-from <collin.funk1@HIDDEN>)
id 1ulUpn-0005uO-34
for 79218 <at> debbugs.gnu.org; Mon, 11 Aug 2025 11:53:15 -0400
Received: by mail-pj1-x102d.google.com with SMTP id
98e67ed59e1d1-31f02b6cd37so4725120a91.1
for <79218 <at> debbugs.gnu.org>; Mon, 11 Aug 2025 08:53:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1754927588; x=1755532388; darn=debbugs.gnu.org;
h=content-transfer-encoding:mime-version:user-agent:message-id:date
:references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date
:message-id:reply-to;
bh=2cTcHFG4JW556VKSW94DXag77mO53yscBwk8qo6Z2N0=;
b=L+RZd0mDMQwu5A7i3eSXHCvHT7Z6Ox84H4vdbuw40Ckmx6+Rx6T6py6r2Stq8LbiBj
bYg+784rVQumN2ufOrNqG6eto6KbCM8eAOVcfgYhFn0tyeygFCpLuhbq9mIKZy+ZHA6R
9v/oZBxqv6axQ9kJ3Zvk2turpPk9qcK8hNzLNCma33GlkT/VJrtxA13vQC5prUTC9wLH
zqaZmg9aiI8rdjVROBYz14lFeQGuKtlDrIxb+DWBy17roM+fLrn2HdoVIH7HnPAj0rov
Hl5JqgrgVKIlK8sALLIqWW7fu27DPcS5YjqYEDXYQWkZZRlVA/9JnK2sea09FDnky41J
P6NQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1754927588; x=1755532388;
h=content-transfer-encoding:mime-version:user-agent:message-id:date
:references:in-reply-to:subject:cc:to:from:x-gm-message-state:from
:to:cc:subject:date:message-id:reply-to;
bh=2cTcHFG4JW556VKSW94DXag77mO53yscBwk8qo6Z2N0=;
b=Oa3DQnj+I5Td6PEjAH9dH2GqsStcZaRcVGd86nQSlhF3ZmLdrDNbJwLin6ulc27x4z
oKxm+jUgnknYFcIVYpfd9QObKd50fGr8zxQoRDSBc9A0arGWgaYEpkF76O+HITv/SMIZ
g04/z1k05hrpKNSNaW/bwX5NNDI9xFlHaK1E8JYtFdq0ptQ9yBzTAi+Hvg2lUmnXkIUL
lv075Soy4Q/stk7E3wkDhXIce7uEKWgy0gl8dp9KjrZpmgcXms5LmVAqAoesgCYldUHR
WY7o4xCHYG5Tdn4vqVfUdHK+rAVziAvPkakUA3wyBU/v8JGCPX6IiptuTsSHO4qU50Th
oJIw==
X-Gm-Message-State: AOJu0Yzqk6wVxqV5tu8a/0sLGiLbdZuiCbwFp/F9NuBncgytJleDxCDV
8L5PIogZJi/cCv5YlGuTJ8co0AEQo77eF2IxEir47eeF24EBImNTLVAX+jOXLA==
X-Gm-Gg: ASbGncudJJOQJFKrJ6qe2pJBra8olq8wUe8mCzkbqFMRFj7bhIq+cuS5ECUzzmd2001
bFpclurMugNAHlyB2v1FTfMNHgUKbe+4JLOpfC9JHwMEwUIl6ZQ8AaXeCBfailOXPhuLpF9I2lt
kUKMvMux2GdbyX22Hb8TC/BT2g++SmFI3EjGSGePZg2vtA9r09GsH8yPm88Yi3oeX9Qzj9ofLOw
nL2HIgxIQYwFr9YtPNq3bHKJ0wf4CzctMGpLQRgfnzm7KnhY9pdRH8WedWgdLU+4nFKOfi79OBb
2UR47148xgPnS5AiY/8ls19bcUYXivn9gln1KPldwWv+OtrQFFGQcoJzYjlEJ5M69L4GavO5gI0
9Drk=
X-Google-Smtp-Source: AGHT+IHRxh4t3caF2HLld3Fq/A6ccRdKiATMz83r5DacsiMRAHf6TtWaWOfWYEYEE3QksFkpC+qt7w==
X-Received: by 2002:a17:90b:2812:b0:321:2407:3cec with SMTP id
98e67ed59e1d1-32183b3f47amr21066430a91.16.1754927587938;
Mon, 11 Aug 2025 08:53:07 -0700 (PDT)
Received: from fedora ([2601:646:8081:3770::e9a2])
by smtp.gmail.com with ESMTPSA id
98e67ed59e1d1-3218c3c2d58sm7858047a91.16.2025.08.11.08.53.07
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 11 Aug 2025 08:53:07 -0700 (PDT)
From: Collin Funk <collin.funk1@HIDDEN>
To: Doctorixx <jebpip2008@HIDDEN>
Subject: Re: bug#79218: BUG: sudo rm -rf /* removes without --no-preserve-root
In-Reply-To: <CAC9Z=V0ajBXfmK1Ga6XA7XH940cK6OwzFkApOyh2UBy1Pq_pFw@HIDDEN>
References: <CAC9Z=V0ajBXfmK1Ga6XA7XH940cK6OwzFkApOyh2UBy1Pq_pFw@HIDDEN>
Date: Mon, 11 Aug 2025 08:53:06 -0700
Message-ID: <87tt2donx9.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.3 (/)
X-Debbugs-Envelope-To: 79218
Cc: 79218 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.7 (/)
Hi,
Doctorixx <jebpip2008@HIDDEN> writes:
> Hello coreutils maintainers,
>
> I noticed a potentially dangerous difference in how rm handles the / and =
/*
> patterns.
>
> Currently:
>
> $ sudo rm -rf /
> rm: it is dangerous to operate recursively on '/'
> rm: use --no-preserve-root to override this failsafe
>
> This prevents accidental deletion of the root directory.
>
> However:
>
> $ sudo rm -rf /*
>
> This command will proceed to remove the contents of /, effectively
> destroying the system, without any warning.
>
> While this is technically correct according to shell expansion rules, it
> may be surprising for some users. People might assume /* is just as
> protected as /, but the safeguard doesn=E2=80=99t apply.
The 'rm' command does not handle /* since globbing is handled by the
shell. So 'rm' has no way of knowing it is passed /*, it just sees file
names passed to the command-line. Here is an example:
$ cat main.c=20
#include <stdio.h>
#include <stdlib.h>
int
main (int argc, char **argv)
{
for (int i =3D 1; i < argc; ++i)
printf ("%s\n", argv[i]);
return EXIT_SUCCESS;
}
$ gcc main.c
$ ./a.out /*
/afs
/bin
/boot
/dev
/etc
/home
[...]
Collin
bug-coreutils@HIDDEN:bug#79218; Package coreutils.
Full text available.Received: (at submit) by debbugs.gnu.org; 11 Aug 2025 15:10:33 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Aug 11 11:10:33 2025 Received: from localhost ([127.0.0.1]:49759 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ulUAT-0003uO-16 for submit <at> debbugs.gnu.org; Mon, 11 Aug 2025 11:10:33 -0400 Received: from lists.gnu.org ([2001:470:142::17]:48694) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <jebpip2008@HIDDEN>) id 1ulPZy-00034w-AD for submit <at> debbugs.gnu.org; Mon, 11 Aug 2025 06:16:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <jebpip2008@HIDDEN>) id 1ulPZo-0000xF-RS for bug-coreutils@HIDDEN; Mon, 11 Aug 2025 06:16:24 -0400 Received: from mail-yw1-x1131.google.com ([2607:f8b0:4864:20::1131]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <jebpip2008@HIDDEN>) id 1ulPZk-0008Ne-Ga for bug-coreutils@HIDDEN; Mon, 11 Aug 2025 06:16:24 -0400 Received: by mail-yw1-x1131.google.com with SMTP id 00721157ae682-71b6ad2d6fcso42334617b3.3 for <bug-coreutils@HIDDEN>; Mon, 11 Aug 2025 03:16:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1754907376; x=1755512176; darn=gnu.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=GJTcRp0xXOEnMj+FWgJfD4Zg+QOZ1QpToeL5ndPAE9k=; b=PFXzjJtNYeMkh3SFdWGLsb50/s2a6Pe+VO3VX+5dmL07bgMFbeYxp5W7IU40wVg7Py ZRNwziQiROGMV/QzLJVy4FAeab6FuyGMNYV8AtsvZEy575dAF5hV/vIAtbtwmDCE79r+ iQgqp3DisibeHUUe6wQqv26ekt1O6IMUxMu3QzQKBHuLWRqrwsTFz5On5b7CgDRgqwUg IzuAt3kLuyHT6MqXNCUromUtagNpRRNNNpti4EIuhqzsxuf6Jv8XlcbiJt/nML07PEQR iNl5zSKO8Caa/9VCjxU3/SOgHZ5VQK6Ymvf5Iz2NWaBNzyNv1NFfxz91l/BWzOOVea+r D4EQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1754907376; x=1755512176; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=GJTcRp0xXOEnMj+FWgJfD4Zg+QOZ1QpToeL5ndPAE9k=; b=jssUZqAPPrjNjhZV3Y6zybkN978FgN12KUBi03zVMOPcrgQCeZWSzjzeEM8vfFhIhD 9noM48i7bhwqPiUyy5NX4j8qh+BHPcCHXxHV8PaqLEmrlYauSRTyntWUTAC7OWRHxt3J pNt/w8rtj/8zrWR0mOUHCofhDedhGVF1pHUkN8aja32MjM0zFgtdMfuIdUwiYXMwoJqn fT7JB0mBz0qjtqk/B/5HE8WTx8aq7+4IpLrf40z1RRDuCgOLzqDYHIAwJQv6sS6o3BHe uvJD4c0cLu6yqqEI9twZ0RFaYiV5YWCmE6SVeBNQ8Gf4INKCS5fWbBpFNwV/LskOJYdh qWdg== X-Gm-Message-State: AOJu0Yx0fmtHX07S2AI3eY09niUjJbpCdKmTBUYdjIDwbpHcq01D6zdS fsJSWcv1WnKV802er91kGa1YNu47DJTHekrH+3XvSKbRa+53v2VWAKJArZNJAoxnuARPYMbovYt rVjiePKBUqwaAA8+bOUAosZCuciyU63z0Z+UbsrpCtA== X-Gm-Gg: ASbGnct3AOqvAFSpw8XwYZCsPWK6nLyYPpKRI8oT49E6swdoiHtRfM9QIpfIaWtAjCY mNbI0SuA7YZkRk5UKPHQb2JswsK+vm1/TJS80K5uhTfTgdNkl5t3EVS08YfTLjL1/iNmco/xXqG 3Tc/hBxBQ1jhCVEMUBcDk4szKVyRV7q217F/MApYxLrOrN/0hKseUb6p+RDJBuMfAzG3OsuJ7cb L5Cmw== X-Google-Smtp-Source: AGHT+IFrVTOmvesAReqDl8X3qNqe2+oRCnAZqGHUvp9RfK8iFk+lLSLHJZ2BRC8y165Wlizhj7NPPF8vDxBl+7R+1l0= X-Received: by 2002:a05:690c:3602:b0:71b:c8fb:aa95 with SMTP id 00721157ae682-71bf0e3e4fcmr151066517b3.22.1754907375394; Mon, 11 Aug 2025 03:16:15 -0700 (PDT) MIME-Version: 1.0 From: Doctorixx <jebpip2008@HIDDEN> Date: Mon, 11 Aug 2025 13:16:04 +0300 X-Gm-Features: Ac12FXy-ldrBZlUq-aupuXTPx45kigSH1cleljEG6IilgL7SIdMhotUEMPDcMfE Message-ID: <CAC9Z=V0ajBXfmK1Ga6XA7XH940cK6OwzFkApOyh2UBy1Pq_pFw@HIDDEN> Subject: BUG: sudo rm -rf /* removes without --no-preserve-root To: bug-coreutils@HIDDEN Content-Type: multipart/alternative; boundary="000000000000b964e2063c14366b" Received-SPF: pass client-ip=2607:f8b0:4864:20::1131; envelope-from=jebpip2008@HIDDEN; helo=mail-yw1-x1131.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.2 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hello coreutils maintainers, I noticed a potentially dangerous difference in how rm handles the / and /* patterns. Currently: Content analysis details: (1.2 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (jebpip2008[at]gmail.com) 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (jebpip2008[at]gmail.com) 0.0 HTML_MESSAGE BODY: HTML included in message -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2001:470:142:0:0:0:0:17 listed in] [list.dnswl.org] X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Mon, 11 Aug 2025 11:10:30 -0400 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: 0.2 (/) --000000000000b964e2063c14366b Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hello coreutils maintainers, I noticed a potentially dangerous difference in how rm handles the / and /* patterns. Currently: $ sudo rm -rf / rm: it is dangerous to operate recursively on '/' rm: use --no-preserve-root to override this failsafe This prevents accidental deletion of the root directory. However: $ sudo rm -rf /* This command will proceed to remove the contents of /, effectively destroying the system, without any warning. While this is technically correct according to shell expansion rules, it may be surprising for some users. People might assume /* is just as protected as /, but the safeguard doesn=E2=80=99t apply. P.S.: I removed root( --000000000000b964e2063c14366b Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><p>Hello coreutils maintainers,</p><p>I noticed a potentia= lly dangerous difference in how <code>rm</code> handles the <code>/</code> = and <code>/*</code> patterns.</p> <p>Currently:</p> <pre class=3D"gmail-overflow-visible!"><div class=3D"gmail-contain-inline-s= ize gmail-rounded-2xl gmail-relative gmail-bg-token-sidebar-surface-primary= "><div class=3D"gmail-flex gmail-items-center gmail-text-token-text-seconda= ry gmail-px-4 gmail-py-2 gmail-text-xs gmail-font-sans gmail-justify-betwee= n gmail-h-9 gmail-bg-token-sidebar-surface-primary gmail-select-none gmail-= rounded-t-2xl"><span style=3D"font-family:Arial,Helvetica,sans-serif">$ sud= o rm -rf /</span></div><div class=3D"gmail-overflow-y-auto gmail-p-4" dir= =3D"ltr"><code class=3D"gmail-whitespace-pre!">rm: it <span class=3D"gmail-= hljs-keyword">is</span> dangerous <span class=3D"gmail-hljs-keyword">to</sp= an> operate recursively <span class=3D"gmail-hljs-keyword">on</span> <span = class=3D"gmail-hljs-string">'/'</span> rm: use <span class=3D"gmail-hljs-comment">--no-preserve-root to override t= his failsafe</span> </code></div></div></pre> <p>This prevents accidental deletion of the root directory.</p> <p>However:</p> <pre class=3D"gmail-overflow-visible!"><div class=3D"gmail-contain-inline-s= ize gmail-rounded-2xl gmail-relative gmail-bg-token-sidebar-surface-primary= "><div class=3D"gmail-flex gmail-items-center gmail-text-token-text-seconda= ry gmail-px-4 gmail-py-2 gmail-text-xs gmail-font-sans gmail-justify-betwee= n gmail-h-9 gmail-bg-token-sidebar-surface-primary gmail-select-none gmail-= rounded-t-2xl"><span class=3D"gmail-hljs-meta gmail-prompt_" style=3D"font-= family:Arial,Helvetica,sans-serif">$ </span><span class=3D"gmail-language-b= ash" style=3D"font-family:Arial,Helvetica,sans-serif">sudo <span class=3D"g= mail-hljs-built_in">rm</span></span><span style=3D"font-family:Arial,Helvet= ica,sans-serif"> -rf /*</span></div></div></pre> <p>This command will proceed to remove the contents of <code>/</code>, effe= ctively destroying the system, without any warning.</p> <p>While this is technically correct according to shell expansion rules, it= may be surprising for some users. People might assume <code>/*</code> is j= ust as protected as <code>/</code>, but the safeguard doesn=E2=80=99t apply= .<br></p><p>P.S.: I removed root(</p></div> --000000000000b964e2063c14366b--
Doctorixx <jebpip2008@HIDDEN>:bug-coreutils@HIDDEN.
Full text available.bug-coreutils@HIDDEN:bug#79218; Package coreutils.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.