rm: allows dangerous abbreviation of `--no-preserve-root` option

[sylvestre]

rm: allows dangerous abbreviation of --no-preserve-root option

Component

rm

Description

GNU rm explicitly rejects any abbreviation of the --no-preserve-root option as a safety measure to prevent accidental deletion of the root filesystem. However, uutils rm accepts abbreviated forms like --n, --no, --no-p, etc., which can lead to data loss.

In [GNU rm](https://

uutils rm does not implement a safety check. The clap argument parser accepts any unambiguous prefix of --no-preserve-root, so --n or --no bypasses root protection.

Test / Reproduction Steps

# GNU
$ rm --no-preserve
rm: you may not abbreviate the --no-preserve-root option

# uutils
$ target/release/coreutils rm --no
rm: missing operand
Try 'target/release/coreutils rm --help' for more information.

Here is a dangerous scenario in file system.

# Setup test environment
$ mkdir /tmp/dir && cd /tmp/dir
$ cp /uutils/uutils/target/release/coreutils .
$ cp -R /usr/lib /usr/lib64 .

# Run rm with abbreviated option - THIS DELETES EVERYTHING
$ sudo chroot $PWD ./coreutils rm -rf --n /
rm: cannot remove '/': Device or resource busy

# The coreutils binary itself was deleted
$ ls coreutils
ls: cannot access 'coreutils': No such file or directory

Impact

Accepting abbreviated --no-preserve-root options can lead to accidental deletion of the entire root filesystem, causing data loss. This breaks compatibility with GNU coreutils safety features.

Recommendations

Add an explicit check to reject abbreviations of the --no-preserve-root option, similar to GNU rm.

[sylvestre]

be careful when running this example!