Urgent?? opensuse.org page could wipe HDD??

Maybe only for stoopid noobs like me but still…

The page here:
Live USB stick - openSUSE
Contains instructions on how to make a liveCD .iso bottable on a USB stick, and very handy it is too.

BUT these lines:

  1. Write, as root user, LiveCD iso to usb stick, but be careful to replace /dev/sdb with actual hard disk device from command above:
dd if=openSUSE-11.2-KDE4-LiveCD-i686.iso of=/dev/sdb bs=4M

Note: Replace the name of the iso(if=openSUSE-11.2-KDE4-LiveCD-i686.iso) with the actual name of the iso image you downloaded. 

The dd line not only refers to what could be an actual HDD, sdb (ie mine) but also contains a hidden <CR> at the end, so, copy/paste that into a terminal with su rights and whoooosssh sdb is deleted and overwritten?
Could not the writers change the line to remove the <CR> and change /dev/sdb to something unlikely to be a real HDD /dev/sdx or something? Or even {your disk here} ?

There is nothing stopping you changing it.

But if really worried about any command just start it with # then you can push up and make triple sure that is what you want doing. If happy then go to the beginning and delete the comment marker.

TBH copy and pasting any command is dubious, and certainly any of the rm or dd type ones even more so.

TY Feather, I did not know I could edit those pages, besides I am not confident of my bash skills to tell others what to do. I have removed the newline/<CR> from the cmd on the page, so that idiots like me do not auto-execute the line when copy/pasting before having the chance to edit the command to suit their specific needs.

as for copy/paste being dubious, it should be fine but it is the silly behaviour of EXECUTING when a CR is pasted rather than explicitly put in with the kb. I was not worried about the command and knew that I needed to change it, what I did not know (how could I?) that there was a hidden CR at the end of the line…

as far as i can see there is no way to ‘remove’ the line feed…


palladium

Good catch.:slight_smile:

Man, are you right this time. IMHO this should not be like this. We know how many people read the line about being careful…

Please change it.

<snip>… “EXECUTING when a CR is pasted rather than explicitly put in with the kb” …</snip>

As far as I know there is no way of distinguishing between typed or pasted EOL. I’m also not sure if this is just linux though either.

This is related to stdin, stdout and stderr the easiest way to give you an example is with echo.

$echo -e "with end of line 
"; echo -n "no end of line "
with end of line 

no end of line [pluto@stellar ~]15:32:15

You really need someone to explain it better than I can. Though stdin expects a kb not sure it can determine the difference between a paste and kb, also stdin doesn’t have to be a kb.

Another way of showing this is using pipes, now fixed but once you could echo “password”| su someuser now afaik this is by checking istty…

Any way what I’m trying to highlight badly is that bash doesn’t distinguish between the kb or the mouse as such. It is just waiting for stdin and afaik the application would need to do the testing as to where the data came from. But I’m not sure it would be easy to distinguish between the middle click, ctrl v or paste from the context menu. Not to mention I would expect even if it was possible then it can’t know that you don’t want the
when pasting.

Either way good catch suspect you’ve helped a few people there.

I am almost sure there is no difference where it came from. It is read from stdin and that is it.

It is you who entered it and the program does not know if you did this by piping, hammering on keys or using an X-function like pasting.

Good edit…

I think it wise when writing these pages to use ‘sdx’ or some such that is very unlikely to be a real device, and also emphasises by echoing common usage that the x is to be ‘filled in’ by the user.

There’s a big difference between treating users like idiots and taking sensible precautions.

i agree with your observation and just incorporated it, see how you
like it now…

i think yours is an improvement in safety…

you know you are allowed to edit, right?


palladium

Thank-you, I did NOT know I could edit when I made the first post, but Feather informed me I could, so I removed the newline/<CR> from the page. I did only this as I was not confident with messing with someone else’s work, but I agree and thank you for the additional edit.

> I did only this as I was not confident with messing with someone
> else’s work

ah, but it is ‘our’ work!
and, more of us need to be involved…

(of course, i’m not gonna start adding to the networking (and many
other sections) until i know enough to know if what i write is
right, or not…and due caution and certain knowledge is always
advisable…)


palladium

Yes, I did know that… Apologies - and thanks.