Please sync safe-rm 0.3-1 (universe) from Debian unstable (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
safe-rm (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: safe-rm
Please sync safe-rm 0.3-1 (universe) from Debian unstable (main).
Changelog since current intrepid version 0.2-5:
safe-rm (0.3-1) unstable; urgency=low
* New Upstream Version:
- Better protection for files in the current directory
-- Francois Marier <email address hidden> Tue, 09 Sep 2008 19:12:21 +1200
safe-rm (0.2-6) unstable; urgency=low
* Stop referring to /bin/rm in the package description
* Add Turkish debconf translation (closes: #490085)
* Add French debconf translation (closes: #490194)
* Add Portugese debconf translation (closes: #490237)
* Add Galician debconf translation (closes: #490387)
* Add Czech debconf translation (closes: #490581)
* Add Finnish debconf translation (closes: #490629)
* Add German debconf translation (closes: #490703)
* Add Swedish debconf translation (closes: #490798)
* Add Basque debconf translation (closes: #491003)
* Add Vietnamese debconf translation (closes: #491050)
* Add Russian debconf translation (closes: #491341)
-- Francois Marier <email address hidden> Thu, 24 Jul 2008 16:41:37 +1200
(I'm both the Debian maintainer and upstream for this project)
I believe that the bug that was fixed in 0.3 is quite important. Without this fix, the protection guaranteed by this package can be much smaller than what people would expect.
For example, on 0.2, even if you blacklist the file '/home/ username/ todo.txt' , typing "rm todo.txt" in your home directory will delete the file.
So technically, this bug doesn't make the package unusable, but it can be argued that it makes it quite a bit less useful.
Anyways, aside from the debconf translations and the slight alteration to the package description, the difference between intrepid and Debian unstable is a one-line fix to /usr/bin/safe-rm:
--- a/safe-rm
+++ b/safe-rm
@@ -131,7 +131,7 @@ for (my $i = 0; $i <= $#ARGV; $i++) {
# Normalize the pathname
my $normalized_ pathname = $pathname;
- if ($normalized_ pathname =~ m|/|) {
+ if ($normalized_ pathname =~ m|/| or -e "$normalized_ pathname" ) {
# Convert to an absolute path (e.g. remove "..")
Hence I would highly recommend that this package by synced before intrepid is released.
Francois