Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"rm -rf" as root from the root folder - Do all versions of Unix/Linux. . .


  • Please log in to reply
5 replies to this topic

#1 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 7,534 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:10:49 AM

Posted 13 February 2018 - 07:11 PM

. . . present a warning to anyone running as root that attempts to do this?

 

The last time I was really active in any Unix environment was in the late 1990s, and even by then a great many varieties of Unix would not allow someone running as root to issue this command without questioning it first if they were sitting in the root (/) directory.

 

This is a curiosity question, as I observed (and luckily had no part in) someone accidentally doing this and wiping out and entire system in a business setting.


Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

 

     In a modern society where everyone thinks their opinion deserves to be heard nothing annoys me more than individuals who mistake their personal preferences for fact.

         ~ Commenter TheCruyffGurn on the The Guardian website, 8/13/2014

 

              

 


BC AdBot (Login to Remove)

 


#2 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,920 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:49 AM

Posted 13 February 2018 - 08:16 PM

If you tried doing it on most Linux boxes now you would/should get a warning. But the warning isn’t guaranteed.


Edited by NickAu, 13 February 2018 - 08:16 PM.

Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#3 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 803 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:49 PM

Posted 14 February 2018 - 08:27 AM

Deleting anything when you're running as Root is usually a bad idea, unless you know exactly what you're doing.

 

If you can't delete something with your normal permissions, then there's usually a very good reason for leaving it alone.

 

Also, IMO, if you don't know exactly what a command does, then you shouldn't be using it anyway.



#4 DeimosChaos

DeimosChaos

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:10:49 AM

Posted 14 February 2018 - 09:57 AM

I'm trying to remember... I had my buddy do it to his VM while we were at Drexel. I wouldn't think you would actually get a warning if you are running under root... but maybe you do if you run it via sudo. I haven't actually tried it in a while... lol


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


#5 britechguy

britechguy

    Been there, done that, got the T-shirt

  • Topic Starter

  • Moderator
  • 7,534 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:10:49 AM

Posted 14 February 2018 - 10:39 AM

Like I said, this is really a question to satisfy my curiosity.  While one should never run something like rm -rf as root, in the root folder (or elsewhere, without great care), accidents will happen.  This is one of the reasons that good OSes change to try to mitigate potential disasters.  One of the early changes that I remember was that rm -rf specifically became more "self aware" and would give the Unix equivalent of a Windows UAC dialog to confirm if you really meant to do what you're about to do.

 

Given that humans are fallible, this is a good thing, in my opinion.


Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

 

     In a modern society where everyone thinks their opinion deserves to be heard nothing annoys me more than individuals who mistake their personal preferences for fact.

         ~ Commenter TheCruyffGurn on the The Guardian website, 8/13/2014

 

              

 


#6 Viper_Security

Viper_Security

  • Members
  • 821 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:07:49 AM

Posted 14 February 2018 - 03:07 PM

never used rm -rf before but i have used rm -r, and in a business setting Only certain people can even do that,let alone have access, like at my job I am a linux systems administrator. not a junior, but i still need to let 2 other people know if I'm removing anything as root. and i've only used debian and arch based distro's but i have never got a warning.

the only warning i could think of is IF one ran it with sudo, eg. sudo rm -rf /home/*/*/*   you may get asked for a password but still no warning.

 

as you know rm= remove

rm -r =remove recursively

rm -rf = recursive removal and force it

 

"if run by a superuser on the root directory, would cause the contents of nearly every writable mounted filesystem on the computer to be deleted, up to the point the system itself crashes from missing some crucial file, directory, or the like."

 

could go into terminal and try su, but one would have to know the root password


Edited by Viper_Security, 14 February 2018 - 03:58 PM.

    IT Auditor & Security Professional

hQBT2G3.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users