cp bug?

[Denys Vlasenko]

On Friday 28 March 2008 17:11, Joakim Tjernlund wrote:
> > Well, GNU cp also copies TO dest symlink's target too,
> > which is incredibly careless. Hell knows where that symlink points -
> > /etc/passwd? /dev/sda? Cool, eh?
> 
> Very :) But then again perhaps this is the right thing to do. Why
> follow the symlink in one direction but not the other?

In my view usability and security should trump "abstract correctness"
and "symmetry" considerations.

How can root use safely copy a file to user-owned directory?

Obviously, "cp somefile /home/user/somefile"

What will happen if user created malicious symlink
/home/user/somefile -> /dev/sda? Should cp STILL write to
symlink's target despite it being dangerous?

> > Instead of wanting cp to be a mix of copy and cat, why don't you use
> > cat when you want to say "please open and read from this file/device/pipe"?
> > That would be unambiguous. (Same holds for writing TO things - use >file).
> 
> maybe, but then cp should be fixed to not copy the contents of a
> symlink?

If you ask me, yes, I'd prefer "cp" to copy files in the sense
"create the same destination file/link/device/fifo".
We already have cat/dd/etc for reading (as opposed to "copying").
But that would diverge from POSIX too much...

> What about cp myfile /dev/mtdblock1? Currently cp copies the contents of
> myfile to the flash.

I didn't like it, but decided to make it work - there are people
which are using this (mis)feature, and POSIX says it should work that way.
--
vda