New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using 'unlink' is not safe when running as 'root' as on Solaris 10 #59
Comments
Wow, that's pretty wild! Filesystems are jerks. Patch welcome to pass some kind of "stat first" flag. Maybe pass Note that the "readdir, do file stuff on |
Oh! Another option you could do today is to pass in a custom
(EDIT: updated to do |
FWIW, Solaris is actually doing the "classic" UNIX behavior for unlink(), it's just that the classic behavior is a bit insane. The relevant text from the
It makes it very hard to safely implement Here's what a Solaris 10 system does for
That "-3041965" is the magic
So basically solaris itself uses the |
Makes you wonder what will happen if you where to execute the following as root ;-) unlink / ; sync ; halt |
So, it turns out that this comment:
That I actually do need it.
I honestly can't believe I hit this, but I did. Basically, the issue is this:
On Solaris 10 (at least), if you run as root, it will let you call
unlink
on a directory and not return an error. This in turn makes any directory containing this undeletable, because the link count is now wrong.The solution here is simple: either always use
rmdir
-readdir
-unlink
, or have an option to enable it in select cases.The specific place I hit it was when using node-gyp and calling rebuild on a package, which did a clean, which in turn called rimraf.
I still can't believe this happened.
The text was updated successfully, but these errors were encountered: