QuickTip: do not type “sudo rm -rf /” at the terminal

December 2, 2007

Now, I know you’ll be wondering why you’d ever type what looks to the uninitiated like a random collection of letters, but, the point is a serious one – by leaving the root account without a password, it would be possible to wipe you machine, without any prompting at all, by typing this one command. This is a bit contrived, as (a) you need to switch to the root account (sudo), and then force silent removal (f), but, if Asus had done the job properly, and made it possible for there to be a root password, rather than forcing sudo to run on boot, reliant on a NOPASSWD file, things would be far more secure, and also far safer…

(If you do want to use rm for removing things (and, let’s face it, it is useful), you might want to be on the safe side and use switch i, forcing you to accept each deletion, at least until you’re comfortable with what you are doing.¬† (The whole string would be rm -ir [file / directory name]) Although, of course, some would argue that you make the most mistakes when you are comfortable with something, as you can get a bit blas√©…)

Advertisements