Unifying ~/Desktop - security issues with ~/Trash

Elliot Lee sopwith at redhat.com
Thu Jun 13 20:49:33 BST 2002


On 2002-06-13 11:46, "Havoc Pennington" <hp at redhat.com> wrote:

> 
> Raphaƫl Quinet <quinet at gamers.org> writes:
>> Although I do not use Nautilus (yet) on these machines, I would
>> certainly object to having a file manager that moves some deleted files
>> from an encrypted file system to an NFS-mounted home directory.
> 
> All file managers I know of (with a trash concept) will do this at
> least sometimes.
> 
> It's possible the right solution is to be smart about the filesystem
> type, and just open a dialog saying "this file can't be moved to trash
> because blah blah. do you want to delete it irrevocably?"
> 
> The only really "safe" thing to do to a file is to rename it within
> the same directory it's already inside. But that leaves little .trash
> files all over your filesystem, and it's unclear how you present the
> result as a single directory in the file manager.

Jumping through that many hoops isn't quite necessary. You can know for sure
whether two files (e.g. The file-to-be-deleted and the destination trash
directory) are on the same filesystem by comparing the st_dev field in the
struct that stat() returns for each. This trims it down to the problem of
deciding on a canonical trash location per-user per-filesystem.

When I drag a file from a samba share to the recycle bin, WinXP appears to
take the lame-but-safe route and just delete the file immediately.

See http://www.faredge.com.au/netatalk/network_trash.html for more ideas on
the ways MacOS handles it (or just 'netatalk trash' on google).

-- Elliot





More information about the kde-core-devel mailing list