From unknown Sun Jun 22 17:15:01 2025 X-Loop: help-debbugs@gnu.org Subject: bug#20372: Fwd: Re: Bug#782869: coreutils: rm,ls,cd,mkdir, etc should be set so root cant remove them. Resent-From: Richard Jasmin Original-Sender: "Debbugs-submit" Resent-CC: bug-coreutils@gnu.org Resent-Date: Sun, 19 Apr 2015 23:06:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 20372 X-GNU-PR-Package: coreutils X-GNU-PR-Keywords: To: 20372@debbugs.gnu.org X-Debbugs-Original-To: bug-coreutils@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.14294847516286 (code B ref -1); Sun, 19 Apr 2015 23:06:01 +0000 Received: (at submit) by debbugs.gnu.org; 19 Apr 2015 23:05:51 +0000 Received: from localhost ([127.0.0.1]:60982 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YjyHd-0001dJ-QR for submit@debbugs.gnu.org; Sun, 19 Apr 2015 19:05:50 -0400 Received: from eggs.gnu.org ([208.118.235.92]:48359) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Yjurf-0004pC-CO for submit@debbugs.gnu.org; Sun, 19 Apr 2015 15:26:48 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YjurY-0002ag-Ku for submit@debbugs.gnu.org; Sun, 19 Apr 2015 15:26:42 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=BAYES_05,FREEMAIL_FROM, HTML_MESSAGE,T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:57199) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YjurY-0002ac-Hc for submit@debbugs.gnu.org; Sun, 19 Apr 2015 15:26:40 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:33633) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YjurX-0000d7-D6 for bug-coreutils@gnu.org; Sun, 19 Apr 2015 15:26:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YjurW-0002aQ-9P for bug-coreutils@gnu.org; Sun, 19 Apr 2015 15:26:39 -0400 Received: from mail-qc0-x22a.google.com ([2607:f8b0:400d:c01::22a]:33691) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YjurW-0002aM-2o for bug-coreutils@gnu.org; Sun, 19 Apr 2015 15:26:38 -0400 Received: by qcrf4 with SMTP id f4so48439289qcr.0 for ; Sun, 19 Apr 2015 12:26:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type; bh=2RzBRdUTG327k3i9DTaZF9lg6fxdeIiCBZMDrC+VXjs=; b=plTAs2b9vbtBlLqg2XyyeKzWfgVfj6bKCVZrgT9oK/d7uB5Uqrm10b/jZ5y1psidfJ Ic6OlLWhiUS6syfg0KacmtQhsbCR97YdjJTm+HN7ot9X0Sh0q4Jupx6lPwPlTPR7extJ ajRKisGKFaBaRWtfAIfSR+xREYO6CXJCJV0iY1ThunZAI/TgNgCYhtmqHPNzorQ6pp2L HqtFp96sEi+8wMKPzwm8zKqfKcy1SheW2uxXR6TpM/2IurxLrGxEXyDMpJEL5E8gcGO8 arQ9jzcLTH5l3ijgAUEAykB4BpV7PUAVEU5yORqX7j7sMQmagOJ9a9fwc5R1eC3STzgB XAFg== X-Received: by 10.55.54.136 with SMTP id d130mr22329482qka.22.1429471597627; Sun, 19 Apr 2015 12:26:37 -0700 (PDT) Received: from ?IPv6:2602:30a:2ea2:9cb0:9463:e87f:40a9:c34e? ([2602:30a:2ea2:9cb0:9463:e87f:40a9:c34e]) by mx.google.com with ESMTPSA id e70sm12754089qka.40.2015.04.19.12.26.36 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 19 Apr 2015 12:26:37 -0700 (PDT) Message-ID: <5534016B.6010706@gmail.com> Date: Sun, 19 Apr 2015 14:26:35 -0500 From: Richard Jasmin User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.6.0 MIME-Version: 1.0 References: <20150419000712581210696@bob.proulx.com> <5534011D.1040600@gmail.com> In-Reply-To: <5534011D.1040600@gmail.com> Content-Type: multipart/alternative; boundary="------------060406020208090407070205" X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.0 (----) X-Mailman-Approved-At: Sun, 19 Apr 2015 19:05:48 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.0 (----) This is a multi-part message in MIME format. --------------060406020208090407070205 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit > I believe this dev is in ERROR.It is insufficient to just say root has > ultimate access. > System should have that access, not root. Root should never be able to > do this, its too easy to take down a system with rm. Package > components can still be removed, despite the non-ability to remove the > package as a whole.Package components should use +i or equivalent. Im > sorry if the dev doesnt agree. > > > -------- Forwarded Message -------- > Subject: Re: Bug#782869: coreutils: rm,ls,cd,mkdir, etc should be set > so root cant remove them. > Date: Sun, 19 Apr 2015 00:11:33 -0600 > From: Bob Proulx > To: richard jasmin , 782869@bugs.debian.org > > > > richard jasmin wrote: > > Root can remove CORE commands from the system and then the system is forever > > borked. > > Yes. Root is the superuser. With great power comes great > responsibility. > > How did you remove the coreutils from your system? > > > 1) there should be a fix for this: apt-get reinstall coreutils? > > 2) this bug should never be. System should have ultimate access, not root. Root > > should never be allowed to shoot self in foot. > > In order to have done this you must have answered the force question. > > # dpkg --purge coreutils > dpkg: error processing package coreutils (--purge): > this is an essential package; it should not be removed > Errors were encountered while processing: > coreutils > > There is already protection from removing the coreutils. This is not > a bug in the coreutils package. > > > please set immutable flag (+i) by default or imbed commands into kernel or > > something to fix this. > > No. That is not appropriate. Instead you should exercise proper care > when using root not to shoot yourself in the foot. > > If you have broken your system then I recommend using the > debian-installer in rescue mode to gain control of your system and > re-install the coreutuils. > > Bob > > > --------------060406020208090407070205 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 7bit
I believe this dev is in ERROR.It is insufficient to just say root has ultimate access.
System should have that access, not root. Root should never be able to do this, its too easy to take down a system with rm. Package components can still be removed, despite the non-ability to remove the package as a whole.Package components should use +i or equivalent. Im sorry if the dev doesnt agree.


-------- Forwarded Message --------
Subject: Re: Bug#782869: coreutils: rm,ls,cd,mkdir, etc should be set so root cant remove them.
Date: Sun, 19 Apr 2015 00:11:33 -0600
From: Bob Proulx <bob@proulx.com>
To: richard jasmin <frazzledjazz@gmail.com>, 782869@bugs.debian.org 


richard jasmin wrote:
> Root can remove CORE commands from the system and then the system is forever
> borked.

Yes.  Root is the superuser.  With great power comes great
responsibility.

How did you remove the coreutils from your system?

> 1) there should be a fix for this: apt-get reinstall coreutils?
> 2) this bug should never be. System should have ultimate access, not root. Root
> should never be allowed to shoot self in foot.

In order to have done this you must have answered the force question.

  # dpkg --purge coreutils
  dpkg: error processing package coreutils (--purge):
   this is an essential package; it should not be removed
  Errors were encountered while processing:
   coreutils

There is already protection from removing the coreutils.  This is not
a bug in the coreutils package.

> please set immutable flag (+i) by default or imbed commands into kernel or
> something to fix this.

No.  That is not appropriate.  Instead you should exercise proper care
when using root not to shoot yourself in the foot.

If you have broken your system then I recommend using the
debian-installer in rescue mode to gain control of your system and
re-install the coreutuils.

Bob



--------------060406020208090407070205-- From debbugs-submit-bounces@debbugs.gnu.org Sun Apr 19 19:51:17 2015 Received: (at control) by debbugs.gnu.org; 19 Apr 2015 23:51:17 +0000 Received: from localhost ([127.0.0.1]:32791 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Yjyzc-0002ij-KY for submit@debbugs.gnu.org; Sun, 19 Apr 2015 19:51:16 -0400 Received: from mail4.vodafone.ie ([213.233.128.170]:32299) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YjyzZ-0002iU-Jd for control@debbugs.gnu.org; Sun, 19 Apr 2015 19:51:14 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ag8YAEE+NFVtTGk9/2dsb2JhbABbgwyBEAaBToFhg1mFUqwnlSg1eEwBAQEBAQF+QQWDegoqVA0CBRYLAgsDAgECATkGAgIIDQgBAYgrAaRRj1WFaI5MgSGSCYFFBaMIjWYigUUBAQgBAQEBgiE9gnUCAQI Received: from unknown (HELO localhost.localdomain) ([109.76.105.61]) by mail3.vodafone.ie with ESMTP; 20 Apr 2015 00:51:06 +0100 Message-ID: <55343F6A.9020805@draigBrady.com> Date: Mon, 20 Apr 2015 00:51:06 +0100 From: =?UTF-8?B?UMOhZHJhaWcgQnJhZHk=?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: GNU bug tracker automated control server Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: tag 20372 notabug close 20372 [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [213.233.128.170 listed in list.dnswl.org] 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: tag 20372 notabug close 20372 [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [213.233.128.170 listed in list.dnswl.org] 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject tag 20372 notabug close 20372