[Mageia-dev] RM replacement
andr55 at laposte.net
Fri Aug 5 00:39:35 CEST 2011
Luis Daniel Lucio Quiroz a écrit :
> As my experience in security field, to make Mageia more available in enterprise
> environments, and specially those that are security paranoid, i'm planning to
> port SRM. SRM is a package that does a "secure" file deleting according some
> security standards (i dont remember right now names, i guess it is something
> in NIST, but that doesnt matter really).
> My question is, what should be the procedure that when you install srm, then
> the normal rm command could be replaced? i was thinking in pushing an alias
> but what other alternatives do i have?
> please comment,
At first glance that sounds like a reasonable approach EXCEPT -- a system-level
alias would be over-ridden by a user alias.
A user could innocently have an alias such as :
alias rm="rm -i"
rm is in /bin
- /bin/rm could be replaced with a link to srm, but I don't know if that would
be considered acceptable.
rm would have to be restored if srm were uninstalled
- wouldn't a link in /usr/bin/rm be executed first ?
Of course that doesn't cover execution with root privileges.
An alias in root wouldn't necessarily work, as an admin could inadvertantly
replace it with another. (By loading a new file with some changed alias, for
But probably less likely than some user doing the same on their profile.
There could be other approaches as well ... :)
More information about the Mageia-dev