This article refers to some of the Linux commands you should never run on your system as they might prove to be DEADLY for your Linux systems. So before I proceed, I would like to point out that this article is written for information only to let the readers know that executing any of the following commands is to be avoided. All commands mentioned here can have serious repercussions for your system & its data.
So let’s start the list of Linux commands you should never run & might I say again that you proceed with caution,
Linux commands you should never run
1- Format System Disk
Linux administrators use this command very often to format a newly created disk partition & assign a file system to it. But when used irresponsibly, it can also format a disk that already has data on it,
$ mkfs.ext4 /dev/sda
So when using this command, make sure that the intended disk partition has been selected.
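One way to make that check mechanical before running mkfs, as an added example that is not part of the original article: the function below reads the output of lsblk -P -o NAME,PKNAME,FSTYPE,MOUNTPOINT and refuses a target that holds a file system, is mounted, or has partitions. The function name format_target_verdict and the sample listing are constructed for illustration.

```shell
# Constructed sample of: lsblk -P -o NAME,PKNAME,FSTYPE,MOUNTPOINT
SAMPLE_LSBLK='NAME="sda" PKNAME="" FSTYPE="" MOUNTPOINT=""
NAME="sda1" PKNAME="sda" FSTYPE="vfat" MOUNTPOINT="/boot/efi"
NAME="sda2" PKNAME="sda" FSTYPE="ext4" MOUNTPOINT="/"
NAME="sdb" PKNAME="" FSTYPE="" MOUNTPOINT=""
NAME="sdb1" PKNAME="sdb" FSTYPE="" MOUNTPOINT=""'

# format_target_verdict (hypothetical helper): read lsblk pairs output on
# stdin and judge device $1 (kernel name, without /dev/).
# Prints a verdict; returns 0 = looks empty, 1 = refuse, 2 = unknown device.
format_target_verdict() {
    awk -v target="$1" '
    function field(key,   v) {            # value of KEY="..." on this line
        if (!match($0, "(^| )" key "=\"[^\"]*\"")) return ""
        v = substr($0, RSTART, RLENGTH)
        sub(/^[^"]*"/, "", v); sub(/"$/, "", v)
        return v
    }
    {
        name = field("NAME"); fs = field("FSTYPE"); mnt = field("MOUNTPOINT")
        if (name == target) {
            seen = 1
            if (fs != "")  why = why " holds " fs ";"
            if (mnt != "") why = why " mounted at " mnt ";"
        } else if (field("PKNAME") == target) {
            # A whole disk with partitions: formatting it wipes them all.
            m = ""
            if (mnt != "") m = " mounted at " mnt
            why = why " has partition " name m ";"
        }
    }
    END {
        if (!seen)     { print "UNKNOWN: " target " not listed"; exit 2 }
        if (why != "") { print "REFUSE: " target why; exit 1 }
        print "OK: " target " has no filesystem, mount or partitions"
    }'
}

# Demo on the constructed sample: sda is the system disk, so it is refused.
printf '%s\n' "$SAMPLE_LSBLK" | format_target_verdict sda || true
```

On a live system, feed it the real listing: lsblk -P -o NAME,PKNAME,FSTYPE,MOUNTPOINT | format_target_verdict sdb1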
2- Delete /etc or /boot directories
/etc holds all the configuration files for the system & /boot holds all kernel, InitRD & GRUB related files, files that are required for system bootup. Delete either of these folders & your system will not boot up,
$ rm -rf /etc
$ rm -rf /boot
Another way to remove configuration files from your system & leave your system irrecoverable is to use the following command,
$ find / -iname "*.conf" -exec rm -rf {} \;
This will find & remove all the files ending with .conf (configuration files).
3- Delete the entire file system
Most of you might know of this command & it goes like
$ rm -rf /
This will delete the entire file system from your server, deleting every byte of data on disk.
4- Fork Bomb
Now, this command creates copies of itself endlessly & within no time will consume all your system's memory & CPU & thus will cause the system to crash,
$ :(){ :|:& };:
This can also lead to disk corruption.
5- Fill disk with random data
$ dd if=/dev/urandom of=/dev/sda
This will fill the disk with random data. Another variant of this command overwrites the disk several times over the original data,
$ shred /dev/sda
This command is actually a useful tool, especially when you are discarding an old disk & do not want data from the old disk to fall into the wrong hands (& another way I learned from movies is, you can also drill some holes into the drives).
6- File permission havoc
All the above commands deal with the removal or overwriting of data. But there are ways to render your system unusable using the file permissions. The first command is,
$ chmod -Rv 000 /
This command will remove all permissions from every file & folder on the system, so nobody will be able to access them. This leads to another way of writing the above command,
$ chown -R nobody:nobody /
This will accomplish the same result as the first one. Now the second file permission command is actually the opposite of the first one,
$ chmod -R 777 /
This will change permissions for all the files & folders to be world-writable. & I am sure you can think of what will happen in such a scenario.
So this was our list of Linux commands that you should never run on your system. Please feel free to send in any questions or queries you have regarding this article using the comment box below.
$ chmod -R nobody:nobody /
should be chown
thanks for pointing that out, have updated it.
blkdiscard is a fast way to destroy a disk
Dunno if a normal user can execute most of the commands.
It should be executed by the root user right ?
right , admin access are required.
Removing /etc from a stateless SO (solus/clearlinux) will perform a “factory reset”. So it’s a safe operation there.
$:(){ :|:& };:
hi shusain and all seniors pls tell us how these regex work in background. really fascinating .
:() is a function which is called recursively and as you know, it can’t be killed since it is running on the background with &. : is actually the name of the function.
Ok so a() { a | a& };a should also work?
Do we really need the pipe inside the function?
a() {a&};a would it not work
It can be killed by first being put to sleep. The same as in the Star Trek episodes involving Locutus. I *intentionally* did a fork bomb right after those episodes, just to see what would happen.
These 2 commands should be written in 2 lines
$ rm -rf /etc $ rm -rf /boot
it was a typo, have corrected it.
Thanks for pointing it out.
Cool… I will try them out and come back later to say what happens in my end… lol
Awaiting your response
:(){:|:&};: T ## this command is not working. Getting below error
line 1: syntax error near unexpected token {:’
:(){ :|:& };:
Use this.
Should be rm -rf --no-preserve-root, been like that for decades
dd should definitely be on that list, I’ve learned the hard way that it’s very easy to overwrite the wrong partition?
Happened same thing to a friend once.
Try # echo > /dev/sda
Delete all of your files starting with dot
rm -rf .*
# rsync -a --delete ~ root@localhost:/
Had something similar when a variable positioned before the slash was accidentally empty. (Target machine was obviously a remote one.)
Probably the quickest way to bring a system down is
rm -f /lib/{arch_library}/libc-*
{arch_library} corresponding to i386-linux-gnu, x86_64-linux-gnu etc or may not be necessary at all for some distributions, just depending on where the libc shared object library has been placed.
Why would anybody go all the way to type these commands, a sys admin would know what is rm so why would he do that?
I can picture a disgruntled employee going in and running one of these. I wonder if there’s a daemon available that would prevent such an attack?
you can always create ALIAS for the command. Simple solution, huh ??
Could you please create another blog for all the useful commands in Linux and hp unix
There are many already on our website. Please search for Linux commands in search bar on top of the page.
On Gentoo it is a lot of fun to remove gcc or tar by “emerge -C gcc” or “emerge -C tar”. After this it is not possible to install or update any package anymore.
Never say never…
Fork bombs on some systems can cause serious problems, but if your system has a correct setup, then the process limit will prevent crashing the OS.
If you want to sell your hdd, how can you destroy the content with possibly sensitive data? IMHO you’ll boot a live linux from a USB stick, and dd if=/dev/urandom of=/dev/sda. Isn’t it?
I guess some of these commands are useful, but others like “forkbomb”, I have to ask why the command even exists?
The “forkbomb” presented here is not so much a command that exists. It is just a combination of symbols that are usually used to do useful things.
It is not an existing command, it is a definition of a self-replicating function.
Using shred on journalled file systems is not as dangerous as some people fear. See the shred man pages.
Forkbombs aren’t existing commands. They are… khm… exploits, AFAIK.
When I first met with a forkbomb, it was only a silly joke. Today… 🙁
If your OS isn’t protected against this kind of attacks, then a simple user can crash the whole system (without root/admin privileges).
But you can protect your linux by setting process limit for all users. (for example, on Ubuntu see the /etc/security/limits.conf or files in limits.d/ folder)
Please take a look at https://en.wikipedia.org/wiki/Fork_bomb
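Added example, not part of the original comments: a check for the per-user process limit that the comments above describe as the protection against fork bombs. It parses limits.conf syntax (domain, type, item, value) and reports the hard nproc limit for a user; the function names and the sample file are constructed, and as a simplifying assumption only exact-user and "*" lines are considered (@group entries are ignored).

```shell
# Constructed sample in limits.conf syntax: <domain> <type> <item> <value>
SAMPLE_LIMITS='# /etc/security/limits.conf (constructed sample)
*        soft  nproc  2048
*        hard  nproc  4096
@dev     hard  nofile 65536
alice    -     nproc  512
bob      hard  core   0
'

# hard_nproc_for (hypothetical helper): print the hard nproc limit that
# applies to user $1, reading limits.conf text on stdin.
# A user-specific line wins over the "*" default; "unset" means no limit line.
hard_nproc_for() {
    awk -v user="$1" '
        { sub(/#.*/, "") }                      # strip comments
        NF != 4 || $3 != "nproc" { next }       # only complete nproc lines
        $2 != "hard" && $2 != "-" { next }      # "-" sets soft and hard together
        $1 == user { u = $4 }
        $1 == "*"  { d = $4 }
        END {
            if (u != "")      print u
            else if (d != "") print d
            else              print "unset"
        }'
}

# nproc_is_capped (hypothetical helper): succeed only when user $1 has a
# finite hard nproc limit at or below $2 (limits.conf text on stdin).
nproc_is_capped() {
    limit=$(hard_nproc_for "$1")
    case $limit in
        ''|*[!0-9]*) return 1 ;;   # unset, "unlimited", "infinity" or -1
    esac
    [ "$limit" -le "$2" ]
}

# Demo on the constructed sample: alice is capped at 512, bob falls back to 4096.
printf '%s' "$SAMPLE_LIMITS" | hard_nproc_for alice
printf '%s' "$SAMPLE_LIMITS" | hard_nproc_for bob
```

On a real system, pipe in /etc/security/limits.conf together with the files in the limits.d/ folder, and compare the result with ulimit -u in the user's own session.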
As Linux can be fully operated with commands you must be very sure about typing some commands in the terminal because there are such codes which can format the whole system.
Hard for me to believe any serious individual would do any of this other than to be malicious.
This article shows that many useful commands may have undesirable edge-uses.