[TUHS] There is turmoil in Linux-land - When did rm first avoid going upwards?
Kurt H Maier
khm at sciops.net
Tue Apr 25 10:18:29 AEST 2017
On Mon, Apr 24, 2017 at 08:06:28PM -0400, Ron Natalie wrote:
> > rm in V6 outsources globbing to /etc/glob, which appears to report
> > no-match if the first character is .
> Actually, it's the shell that calls glob. Glob then invokes the command
> (in this case rm).
> Anyhow, that doesn't do what you think it does. It ignores directory
> entries that begin with '.' if the search string doesn't begin with ..
> ".*" will indeed match ".."
> Of course, the calamity depends on whether you have /tmp on it's own
> filesystem. V6 didn't go .. off the top of the filesystem, the root ..
> just linked back to the inode 1 (the root itself).
Thanks for correcting my hasty conclusions. /usr/source/s2/rm.c has an
execl call in the rm() function, but I didn't dig further into the
V7's /usr/src/cmd/rm.c definitely explicitly has a check for '..' and
an error message dedicated to the task.
So I think we can conclude that unix got this protection sometime
between V6 and V7 -- in other words, sometime in the late 1970s.
And systemd is now catching up. "Those who do not study unix" etc
More information about the TUHS