Comment by direwolf20

Comment by direwolf20 3 days ago

This is not hypothetical. Steam and Bumblebee did it.

That was the result of an additional space in the path passed to rm, IIRC.

Though rm /$TARGET where $TARGET is blank is a common enough footgun that --preserve-root exists and is default.

extraduder_ire 2 days ago

Found it. is was this line [0] specifically. "rm -rf /usr /lib/nvidia-current/xorg/xorg" instead of "rm -rf /usr/lib/nvidia-current/xorg/xorg", which will delete all of /usr and then fail to delete a non-existent directory at /lib/nvidia-current/xorg/xorg
0: https://github.com/MrMEEE/bumblebee-Old-and-abbandoned/commi...

Reply View | 0 replies
niyikiza 3 days ago

You'd be surprised to see how often we're seeing those types of semantic attack vulnerabilities in Agent frameworks: https://niyikiza.com/posts/map-territory/

Reply View | 0 replies
cyberax 3 days ago

Even better, $TARGET might be "/home/user/documents and settings /bin"

Reply View | 2 replies
- extraduder_ire 2 days ago
  
  I believe that is what staticassertion was suggesting. / is a poor example because of --preserve-root being the default.
  
  Reply View | 1 reply
  
  cyberax 2 days ago
  
  Not quite. The grandparent's example was missing quotes around $TARGET. Which is yet _another_ footgun.
  Without quotes it becomes: `rm -Rf /home/user/documents and settings /bin`
  
  Reply View | 0 replies

a_t48 3 days ago

Bungie, too, in a similar way.