Things you should never EVER type in Linux. Ever!

Things you should never EVER type in Linux. Ever! I feel that I need to put a warning at the top of this post because try as I might in the subject to be clear about what I mean, I know that someone will go and type/execute one of these things into their production server at work and then be horribly distraught and/or cause some sort of power grid catastrophe across the Pacific Northwest or something.

If you’re a Linux guru or or experienced enough to know what all of these things are then you probably don’t need this article and we can go our merry ways. If not, then DO NOT, DON’T, NEVER EVER EVER EVER run these commands in a terminal session. If you do you will render your system anything from useless without a forced reboot to devoid of any useful purpose ever.

Why write this article on ArsGeek then? Because you should be forewarned as a Linux user that there are people out there who consider it good fun to bait others into running destructive and harmful commands on their machines. Particularly those new to Linux. So use this list as a caution as to what not to do. And note that it’s not an exhaustive list, simply a quick reference against stuff you really don’t want to do. Bottom line is, research what you’re about to execute before you push the enter key and know what you’re doing to your system, yourself and your job prospects.

Let’s start with commands that delete things that probably shouldn’t be deleted, shall we?

The basic way to delete a file in Linux is with the rm command. rm foo will take foo, wring its skinny neck and throw it down the drain. Gone. See you later.

Now there are lots of variants on these commands. Let’s look at a few. Again, look but do not execute!
rm -rf ./ - Delete the files in a current directory (all of them)
rm -rf / - Delete the partition. (AHHH!)
rm -rf . - Delete the whole directory.
rm -rf * - Delete all visible files in a directory

Running all of these commands have certain real world utility. They’re also a great way to fubar your system if run in the wrong place. Remember ‘rm’ means remove. -r means recursive and -f means don’t bother asking me if you want me to really delete your /usr/bin directory – or any other for that matter.

Mean folks have gotten slightly more creative and regular Linux users have made this mistake more than once.

rm -rf .* - Delete all hidden (files that start with a ‘.’) files.

Now, how about the good old fork bomb! Sounds ominous eh? What a fork bomb does is eat up all of your available system processes, essentially bringing your system to it’s knees. A fork is when a program spawns another program – often a version of itself. A fork bomb is when this happens endlessly and nearly exponentially until there are no resources left on your system. Most often the only way to get out of this is to hard reboot (i.e. hold down the old power button) which can cause file system problems. Here’s a few examples of fork bombs to watch out for:
:(){ :|:& };: - The cutest one. Like a vorpal bunny.
#!/usr/bin/perl - for Perl meanies.
fork while 1

or also in perl:
fork while fork
#include <unistd.h>
int main(int argc, char* args[])
return 0;

That last one is in C. As you can see there are a bunch of ways to do this – the above examples are only that, examples. Just be careful of code you don’t know with the word ‘fork’ in it, or of typing lots of emoticons into your shell.

Even windows users can be subject to fork bombs in the form of malicious batch code. Here are two examples:

The next kind of code bomb is a tar bomb. Tar is a nifty program for compressing and uncompressing stuff so you don’t have to lug around hefty loads of data. Tared files can be crafted however to ‘explode’ into an existing directory, rather than into a new directory.

An example: Say you’re in your home directory and you have file called foo.tar you want to untar. So you do so and it should untar into a directory called /foo sitting in your home directory. Through malice or bad practice though, it could just untar all of it’s files into your /home directory. This is bad if there are say. . . 487,038 files in the tarbomb. Now you’ve got all the junk to sort through in your home directory. Ouch!

The same can be said for any uncompiled code. If you don’t know where it’s coming from think twice before compiling it. It’s very easy for someone to hide a chunk of malicious code in the thousands of lines of codeit takes to make a program.

Bottom line is – be cautious, don’t run things if you don’t know where they came from and always, always check what a command does if you’re not familiar with it. Not only will this make you more productive and more powerful user but it will help you protect yourself as well. Remember this isn’t an exhaustive list, there are plenty of other tricks out there as well. Be safe.

Edit: Thanks to the commenters for pointing out some errors – I’ve since corrected them!