freebsd-dev/bin/rm
Xin LI 86da4a5eea Correct a security issue introduced in previous commit:
instead of removing the file and issue a warning about
the removal, do not do any operation at all in case -P
is specified when the dinode has hard links.

With -f and -P specified together, we assume that the
user wants rm to overwrite the contents of the file
and remove it (destroy the contents of file but leave
its hard links as is).

The reason of doing it this way is that, in case where
a hard link is created by a malicious user (currently
this is permitted even if the user has no access to the
file).  Losing the link can potentially mean that the
actual owner would lose control completely to the user
who wants to obtain access in a future day.

Discussed with:	Peter Jermey
2006-10-31 02:22:36 +00:00
..
Makefile Remove unnecessary SRCS= where could be guessed directly by our 2005-01-27 14:52:47 +00:00
rm.1 Correct a security issue introduced in previous commit: 2006-10-31 02:22:36 +00:00
rm.c Correct a security issue introduced in previous commit: 2006-10-31 02:22:36 +00:00