[Adduser-devel] Bug#472349: Bug#472349: adduser: please delay more than 5 seconds during deluser root

Justin Pryzby justinpryzby at users.sourceforge.net
Mon Mar 24 00:59:57 UTC 2008


On Mon, Mar 24, 2008 at 12:13:57AM +0000, Stephen Gran wrote:
> This one time, at band camp, Paul Johnson said:
> > On Sunday 23 March 2008 10:53:15 am Justin Pryzby wrote:
> > 
> > > This patch explicit statement that there is a time limit; without
> > > this, users are likely to reread the huge warning rather than quickly
> > > aborting/suspending the process to investigate.
> > 
> > With something as grave as removing the root account, wouldn't it make much 
> > more sense to ask for explicit confirmation to be entered and wait 
> > indefinitely until that happens, similar to what you must do in dpkg or apt 
> > if you try to remove base required packages?
Yes, perhaps unless an environment variable is set (to allow it to
happen in batch, if that's hypothetically useful).  I don't know if
it'd be sufficiently safe to initialize that variable to allow root's
removal if the stdio fd's are /dev/null or such.

> This bug is mostly harmless when deluser is called without a foolish
> flag like --remove-home or worse, --remove-all-files.
Really?  

> It is possible,
> of course, to say "no, you can't ever do that", but I do feel a little
> uncomfortable second guessing an admin who wants to do something
> drastically stupid - unix doesn't generally do that.
OTOH adduser/deluser are considered to be high level tools, so it
perhaps it isn't entirely unreasonable to reject it at that level?

Justin





More information about the Adduser-devel mailing list