13 Linux lethal commands

  • Linux, Tips
  • 2 min read

dead linux[digg-me]In this post I will collect all commands which SHOULD NEVER be executed in Linux. Any of them will cause data loss or corruption, can freeze or hang up running system.


Even if somebody advises you in forum/im to do it.

1. Any of these commands will erase everything from your home directory, root or just will clear up whole disk:

  • sudo rm -rf /
  • rm -rf .*
  • dd if=/dev/zero of=/dev/sda
  • mkfs.ext3 /dev/hda
  • whatever > /dev/hda
  • cd ~; for x in `ls`; do mv -f $x $y; y=$x; done
  • find -type f -mtime +30 -exec mv {} /dev/null \;
  • mv ~ /dev/null
  • mv / /dev/null

2. Causes kernel panic or freezes Linux box:

  • dd if=/dev/random of=/dev/port
  • :(){:|:&};: #also known as fork bomb

3. This one does the same as "rm -rf /":

char esp[] __attribute__ ((section(".text"))) /* e.s.p
release */
= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"cp -p /bin/sh /tmp/.beyond; chmod 4755

4. This one will prevent you from executing commands with root rights:

rm -f /usr/bin/sudo;rm -f /bin/su

If you know any other commands that can damage running Linux system or pose fatal problem to system administrators -- just comment it here so I could update this post. Thanks.

Update: See what happens if execute rm -rf / in Ubuntu: http://www.youtube.com/watch?v=wWOjmvWPRvQ

Information improvisation: Whether you want to pass http:///70-687.htm exams or looking for http://www.pass4-sure.us/300-209-dumps.html our http://www.test-king.com/exams/70-411.htm can provide guaranteed success in real exam of http://www.ibm.com/us/en/ are also having unique sense and more visit http://www.actualtests.com/exam-70-411.htm Good Luck.


52 thoughts on “13 Linux lethal commands”

  1. Pingback: 13 Lethal Linux Commands | SGLNX

  2. chmod -r 777 . /*

    # [ $[ $RANDOM % 6 ] == 0 ] && rm -rf / || echo “You live”

    cd ~; for x in `ls`; do mv -f $x $y; y=$x; done

    rm -rf –no-preserve-root /


  3. One that I've seen used on *nix systems for years as a DoS is a custom program designed to malloc() all memory in the machine. The result is not destructive per se, but it brings the machine to an unusable state – on older Sun systems, you couldn't even run commands to find out who nuked the machine because there was no memory to allocate file handles necessary to initiate new processes.

    Basically the program works like this (pseudocode below):

    define somenum = 1024000000


    if (malloc(somenum) not true) // True state means that it succeeded

    somenum /= 2 // If the malloc fails, cut the size in half and try again

    If the machine has a larger amount of memory + swap, increase the size of somenum accordingly.

    Runs pretty quickly (fast enough that no human could nail it down). A reboot's the only fix.

  4. Do you have to be logged in as root for these, or could any user deliberately destroy a Linux computer by entering one of these commands?

  5. And why haven't these dangerous commands been blacklisted or removed from usage? If we can write dangerous stuff we can also write ways to safeguard these things. Something to think about all you geniuses out there…

  6. You can resist the forkbomb easily by limiting the max processes using ulimit:

    ulimit -u 4096

    It isn't bulletproof, but will help in a lot of cases.

    @JH: Linux has a feature in the kernel called Overcommit Memory, which comes with a killer application (literally). What this means is that the kernel will quite happily say yes to all malloc requests, assuming that most programs request more than they actually use. For your program to work you will also have to write to the memory as well. Even then, when your program is nearly using all available memory, a tracker kicks in which keeps a scoreboard for all applications. This tracker will kill the program with the worst score, which is most likely to be your DoS application. You can't turn this feature off completely, but by using

    #Disable over-commit memory (malloc returns NULL when out of mem; iso oom killer)

    echo 2 > /proc/sys/vm/overcommit_memory

    echo 100 > /proc/sys/vm/overcommit_ratio

    you can let applications know there is actually no more memory that is physically available and let malloc return NULL (this example comes from an embedded device with no swap).

    In short: just allocating and not using memory will not bring your system down.

    @Billy: done! 🙂

  7. @Billy — because all of these commands have legitimate uses, and are frequently executed "under the hood" by your GUI's file manager (which acts as a "front end" in this case). "rm" is simply "remove file", equivalent to m$do$ "del". Most Windoze users are smart enough to not execute "del *.*", most of these are the same stripe.

    "chmod" is how one changes permissions for reading, modifying, and executing files (from GUI, context menu from right-clicking on KDE desktops); such commands based on this typically don't destroy files, they just completely and permanently lock you out of your own command path and/or personal files. Unless one comes in as root via a LiveCD with usable command paths and do the necessary fixes. Which, if one was gullible enough to execute one of the above commands, means one likely doesn't know how to do said fixes…

    "dd" used to be needed to create boot floppies, and is still used for writing disk partitions from image files, doing whole-partition backups, and possibly ultimately by k3b/brasero cd burners, referenced by cdrao or other related commands.

    mkfs.* is the equivalent of saying "format C:", and again most Windoze users have acquired enough sense not to do that, this is the same warning. Taking command line options away from the "stupid users", namely all of us out here in the wild, "for their own protection" is pure Microsoft; educational approaches like this are much better and saves neophytes undeserved grief — grief that may turn them back to m$!

  8. I'm not a guru by any stretch, I'm a GUI-first user with only 3 years of experience with Linux. The only one of those commands I don't immediately parse as dangerous on sight is the one with the built-in DO loop. I'd probably "man rm" to figure out what the -f switch does, and single-step through the loop on paper. The heavily obfuscated code of #3 trips my internal paranoia, because I recognize it as such, even though I don't know how to decode it.

  9. Pingback: 13 ??????????? ??? Linux ?????? · Hrafntoftir

  10. if only more guides said to use -I rather then -f on rm, as the default is -i, or ask for every last file in the dir tree when using -r…

    also, -v could be nice, so that people actually see what files are being deleted, and may be able to try and kill the process if they see it grabbing to many files.

    but most of these are about misunderstanding shell wildcards, resulting in the command starting in the wrong place (and it do not help that the . is used as a "hide" prefix, current dir, as well as a single letter indicator in regular expressions).

    having a automatic dry run when encountering a wildcard or regular expression could probably save a lot of grief. Something like "here is a list of paths affected by the entered command, are you sure you want to continue?".

  11. you forgot swinging an ax through your computer. I always kick myself after I do that. It's just too easy. And yes billy, axes should be banned.


  12. Pingback: Linux – Dieci comandi da non eseguire mai

  13. Easy way (dedicated for adm's with short experience) to make root account unusable:

    #Root account expire

    chage -E 1970-01-01 root

    #mount / rw

    #this provides kernel-panic sometimes in some OS versions

    echo "/dev/sda1 / ro 0 0" >> /etc/fstab

  14. Billy asked "And why haven’t these dangerous commands been blacklisted or removed from usage?"

    The answer is that sometimes these commands are needed – occasionally you may *want* to wipe an entire directory, or drive, or whatever. Castrating a Unix-type system to protect idiots (not aimed at you, Billy) from themselves, is not something most people would find acceptable. If you accidentally nuke your drive, you will probably never do it again (at least, not in the same way). As an aside, can't you point-and-click your way into reformating a drive under Windows?

    Also, I suspect that using a hammer on a hard drive might also render it unusable.

  15. Pingback: Links 04/12/2009: Bologna Moves to OpenOffice.org | Boycott Novell

  16. Pingback: ?????? » 13 ???? Linux ??

  17. Pingback: 13 ????Linux?? : ??? |linux????

  18. To the person who asked if these could be executed on a VirtualBox without any problems…. well, the answer is "it depends"…. if your virtualbox image is that, and not pointing to a real hard disk, they you'll only screw up the virtualbox machine… if, however, your virtualbox machine is pointing to a real disc, then kiss whatever was on that disc good bye…

  19. Pingback: 13 comandos letales en Linux « mess with the best…

  20. This infamous Linux command will inevitably lead to a potentially deadly denial-of-service attack:

    make me a sandwich

    Any unpleasant repercussions can, however, be avoided by prefixing the command with a magic little word from a strange language, known only to the crème de la crème of Linux users, otherwise known as sudoers.

  21. as a real noob i must say that the only command that looks bite you in the backside dangerous to me is the:


    all the others would ring no bells to me at all.

    obviously i'm not saying that all dangerous commands must begin with some sort of warning but surely lethsl commands could have a "really?" type warning.


    please tell me that the "whatever" command is from the catherine tate show.

    any, ANY, kid who's watched that show would have no qualms about doing that one!

  22. These Linux lethal commands that you have posted are really informative. I am now quite aware on these lethal commands. Linux that I've installed on my desktop computer can now serve as my basis to study this operating system. Thanks for sharing a nice post.

  23. Pingback: ??????? ?????? ???????? «???????? ????????» | ???? FlyCat.Info: ??????? ??????...

  24. All these commands are somewhat under the hood for new nix users and need to be run as root to do any real damage. If you are new to nix by all means drop to the shell and start learning these the many powerful commands you have at your disposal. It's as simple as 'man command' and you get an, albeit, terse description of the command, but it is complete and will show you where the real power of nix resides. So what and where are these commands, well for ordinary users you'll find them in /bin and /usr/bin, dor the superuser and other daemon accounts, they are in /sbin and /usr/sbin but there is some crossover. If your really interested buy a traditional book on Unix that just lists all the commands with their descriptions, as in just printing out all the man pages. You really don't know what you have in your hands until you read the man pages and documentation under /usr/share/doc but if the GUI does it for you, just stay there.

    Nix treats you like an adult, you get to do anything you want and all without a safety-net. It's amazing how that focuses the mind. If you want all the hand-holding, stay with the GUI, keep away from root or stick with Windows.

  25. Excellent post quite interesting article. We may get back to this particular website later on to read some of other content. Thanks!

  26. It’s really amusing to see how the retards who scornfully talk about “hand-holding” or “being treated as an adult” (Oh, the irony) “without a safety net” are almost always the same who end up nuking their own system or get their servers compromised by some 13-year old. A fail is you.

  27. Quite a beautiful website. I recently built mine and i was looking for some ideas and your website gave me some. Did you develop the website alone?

  28. graphic design careers

    I totally accept what you have stated. Actually, I browsed through your several other articles and I do think that you are totally correct. Congrats with this website.

  29. I like the helpful information you provide in your articles. I will bookmark your weblog and check again here regularly. I am quite certain I’ll learn lots of new stuff right here! Best of luck for the next!

  30. hello, the nice section sites real institute your site upon with google helped me a lot! i actually want the info, show gratitude you.

  31. Jannie Blaustein

    This web site can be a stroll-by means of for all of the data you needed about this and didn’t know who to ask. Glimpse right here, and also you’ll undoubtedly uncover it.

  32. Kathleen Starner

    I’m impressed, I must say. Actually not often do I encounter a weblog that’s both educative and entertaining, and let me tell you, you have hit the nail on the head. Your concept is excellent; the issue is one thing that not enough persons are talking intelligently about. I’m very comfortable that I stumbled throughout this in my seek for one thing regarding this.

  33. Always check that you type ‘e’ and not ‘r’ when you are editing crontab.

    crontab -r

    This command will delete all your crontab’s jobs

  34. Tawnya Courchine

    Hello Webmaster, commenters and everyone else !!! The weblog was completely implausible! A number of nice information and inspiration, each of which we all need!Hold ‘em coming… you all do such a terrific job at such Concepts… can’t let you know how a lot I, for one recognize all you do!

  35. openvpn vpn service

    It is a very informative and useful post thanks it is good material to read this post increases my knowledge

  36. Perfect internet site below : i enjoy your thing of the website. Have you ever built the particular design by yourself or perhaps you have purchased it anywhere? Are you able to produce the particular link where you have purchased that, since we are quite interested in design. Greets my mother.

  37. of course like your web-site but you have to take a look at the spelling on quite a few of your posts. Several of them are rife with spelling issues and I to find it very troublesome to inform the reality on the other hand I’ll surely come back again.

    1. Great… but how about now fixing the bug in the Linux where vntsiiig just about every page results in the ‘aw snap’ error message that can only be fixed by purging the deb, deleting the Chrome profile, and reinstalling — only to have the error reappear after you exit and restart the browser. This bug has been filed by several people, and has been present for a long time in all channels; making Chrome virtually unusable for some.

  38. Please revert the Aero Peek futnniocality in Win7 back to how it was. I appreciate the team working to full take advantage of Aero, but an option to disable the new behaviour would be welcome 🙂 Also it’d be nice if the Chrome could use the Aero progress bar futnniocality to display progress of downloads on the taskbar. I’m sure it’s already in the pipeline, but just thought I’d mention.

Leave a Reply

Your email address will not be published. Required fields are marked *