summaryrefslogtreecommitdiffstats
path: root/usr.bin
diff options
context:
space:
mode:
authorjilles <jilles@FreeBSD.org>2013-08-02 14:14:23 +0000
committerjilles <jilles@FreeBSD.org>2013-08-02 14:14:23 +0000
commit713e53c6b93f362bd026ade64f87d8fc3b0e70a0 (patch)
treef1d1b1c80bcd2cc9448bebfd654a13bad4a76f6c /usr.bin
parent7eacd3a0af787b4bf4f765697081bcd408881d12 (diff)
downloadFreeBSD-src-713e53c6b93f362bd026ade64f87d8fc3b0e70a0.zip
FreeBSD-src-713e53c6b93f362bd026ade64f87d8fc3b0e70a0.tar.gz
find: Allow -delete to delete files given as arguments.
Formerly, a command like find dir1/dir2 -delete would delete everything under dir1/dir2 but not dir1/dir2 itself. When -L is not specified and "." can be opened, the fts(3) code underlying find(1) is careful to avoid following symlinks or being dropped in different locations by moving the directory fts is currently traversing. If a problematic concurrent modification is detected, fts will not enter the directory or abort. Files found in the search are returned via the current working directory and a pathname not containing a slash. For paranoia, find(1) verifies this when -delete is used. However, it is too paranoid about the root of the traversal. It is already assumed that the initial pathname does not refer to directories or symlinks that might be replaced by untrusted users; otherwise, the whole traversal would be unsafe. Therefore, it is not necessary to do the check for fts_level == FTS_ROOTLEVEL. Deleting the pathnames given as arguments can be prevented without error messages using -mindepth 1 or by changing directory and passing "." as argument to find. This works in the old as well as the new version of find. Tested by: Kurt Lidl Reviewed by: jhb
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/find/function.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/usr.bin/find/function.c b/usr.bin/find/function.c
index 7f16a8f..56d361c 100644
--- a/usr.bin/find/function.c
+++ b/usr.bin/find/function.c
@@ -442,7 +442,8 @@ f_delete(PLAN *plan __unused, FTSENT *entry)
errx(1, "-delete: forbidden when symlinks are followed");
/* Potentially unsafe - do not accept relative paths whatsoever */
- if (strchr(entry->fts_accpath, '/') != NULL)
+ if (entry->fts_level > FTS_ROOTLEVEL &&
+ strchr(entry->fts_accpath, '/') != NULL)
errx(1, "-delete: %s: relative path potentially not safe",
entry->fts_accpath);
OpenPOWER on IntegriCloud