GNU bug report logs - #20372
Fwd: Re: Bug#782869: coreutils: rm,ls,cd,mkdir, etc should be set so root cant remove them.

Previous Next

Package: coreutils;

Reported by: Richard Jasmin <frazzledjazz <at> gmail.com>

Date: Sun, 19 Apr 2015 23:06:01 UTC

Severity: normal

Tags: notabug

Done: Pádraig Brady <P <at> draigBrady.com>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Richard Jasmin <frazzledjazz <at> gmail.com>
To: bug-coreutils <at> gnu.org
Subject: Re: Fwd: Re: Bug#782869: coreutils: rm,ls,cd,mkdir, etc should be
 set so root cant remove them.
Date: Sun, 19 Apr 2015 14:26:35 -0500

[Message part 1 (text/plain, inline)]
> I believe this dev is in ERROR.It is insufficient to just say root has
> ultimate access.
> System should have that access, not root. Root should never be able to
> do this, its too easy to take down a system with rm. Package
> components can still be removed, despite the non-ability to remove the
> package as a whole.Package components should use +i or equivalent. Im
> sorry if the dev doesnt agree.
>
>
> -------- Forwarded Message --------
> Subject: 	Re: Bug#782869: coreutils: rm,ls,cd,mkdir, etc should be set
> so root cant remove them.
> Date: 	Sun, 19 Apr 2015 00:11:33 -0600
> From: 	Bob Proulx <bob <at> proulx.com>
> To: 	richard jasmin <frazzledjazz <at> gmail.com>, 782869 <at> bugs.debian.org
>
>
>
> richard jasmin wrote:
> > Root can remove CORE commands from the system and then the system is forever
> > borked.
>
> Yes.  Root is the superuser.  With great power comes great
> responsibility.
>
> How did you remove the coreutils from your system?
>
> > 1) there should be a fix for this: apt-get reinstall coreutils?
> > 2) this bug should never be. System should have ultimate access, not root. Root
> > should never be allowed to shoot self in foot.
>
> In order to have done this you must have answered the force question.
>
>   # dpkg --purge coreutils
>   dpkg: error processing package coreutils (--purge):
>    this is an essential package; it should not be removed
>   Errors were encountered while processing:
>    coreutils
>
> There is already protection from removing the coreutils.  This is not
> a bug in the coreutils package.
>
> > please set immutable flag (+i) by default or imbed commands into kernel or
> > something to fix this.
>
> No.  That is not appropriate.  Instead you should exercise proper care
> when using root not to shoot yourself in the foot.
>
> If you have broken your system then I recommend using the
> debian-installer in rescue mode to gain control of your system and
> re-install the coreutuils.
>
> Bob
>
>
>


[Message part 2 (text/html, inline)]
This bug report was last modified 10 years and 38 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.