Protection from the dreaded "rm -fr /"
Peter Jeremy
PeterJeremy at optushome.com.au
Sat Oct 2 05:43:54 PDT 2004
On Sat, 2004-Oct-02 11:51:43 +0300, Giorgos Keramidas wrote:
>The reason I liked this idea is that root has zillions of other ways to
>destroy an entire system, but not many of them are likely to be the
>result of mistyping a single character as shown below:
>
> # rm -fr / home/someuser/*
I've had a customer write a cronjob that did almost exactly this.
He managed to 'test' it on all the (redundant) production systems
as well as the test model. We were only called in when he found
that there were some unexpected console messages and the systems
wouldn't boot when he pressed the reset button. Luckily it
managed to kill itself before it destroyed all the evidence (since
the culprit initially denied doing anything).
Based on that, I'm definitely in favour of some anti-foot-shooting
measures.
I don't think it should fail quietly: If I ask the computer to do
something (stupid or not), it should either do it or tell me that it
hasn't done it. Failing to do what I ask and not telling me means
that I can't trust the computer - I have to double-check that the
files I wanted to delete have actually gone away.
--
Peter Jeremy
More information about the freebsd-hackers
mailing list