Re: How to become very unpopular. (or:) A scary story.
> On Thu, Aug 16, 2001 at 10:53:31PM +0300, Richard Braakman wrote:
> > On Thu, Aug 16, 2001 at 01:56:02PM -0400, Thomas Hood wrote:
> > > 3. Add a space after "ROOTDIR=/"
> > > 4. Release to unwary users
> > An easy way to prevent problems of this sort is to specify all directory
> > variables without trailing slashes. This makes using them more natural, too.
> > Example:
> > > ROOTDIR=
> > > LIBDIR=$(ROOTDIR)/usr/lib
> > >
> > > install:
> > > mkdir $(LIBDIR)/foo
> > > cp -p lib/foo* $(LIBDIR)/foo/
> > >
> > > uninstall:
> > > rm -rf $(LIBDIR)
> also notice that this example will rm -rf /usr/lib ;-)
Yes, the line should have been "rm -rf $(LIBDIR)foo". Obviously
I didn't test my code very well. ;) But the error just amplifies
my point. We run these developer-provided scripts as root, and even
in the absence of malicious intent it is possible for little mistakes
to creep in that can cause an great deal of damage.