--- !ruby/object:RI::MethodDescription 
aliases: []

block_params: 
comment: 
- !ruby/struct:SM::Flow::P 
  body: "This method removes a file system entry <tt>path</tt>. <tt>path</tt> shall be a regular file, a directory, or something. If <tt>path</tt> is a directory, remove it recursively. This method is required to avoid TOCTTOU (time-of-check-to-time-of-use) local security vulnerability of #rm_r. #rm_r causes security hole when:"
- !ruby/struct:SM::Flow::VERB 
  body: "  * Parent directory is world writable (including /tmp).\n  * Removing directory tree includes world writable directory.\n  * The system has symbolic link.\n"
- !ruby/struct:SM::Flow::P 
  body: To avoid this security hole, this method applies special preprocess. If <tt>path</tt> is a directory, this method chown(2) and chmod(2) all removing directories. This requires the current process is the owner of the removing whole directory tree, or is the super user (root).
- !ruby/struct:SM::Flow::P 
  body: "WARNING: You must ensure that <b>ALL</b> parent directories are not world writable. Otherwise this method does not work. Only exception is temporary directory like /tmp and /var/tmp, whose permission is 1777."
- !ruby/struct:SM::Flow::P 
  body: "WARNING: Only the owner of the removing directory tree, or Unix super user (root) should invoke this method. Otherwise this method does not work."
- !ruby/struct:SM::Flow::P 
  body: "For details of this security vulnerability, see Perl's case:"
- !ruby/struct:SM::Flow::VERB 
  body: "  http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448\n  http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452\n"
- !ruby/struct:SM::Flow::P 
  body: For fileutils.rb, this vulnerability is reported in [ruby-dev:26100].
full_name: FileUtils#remove_entry_secure
is_singleton: false
name: remove_entry_secure
params: (path, force = false)
visibility: public