A classic sysadmin horror story begins with two sysadmins accidentally typing "cd /" then "rm -rf *" on a VAX. By the time anyone interrupted the process, huge chunks of the operating system had gone. The first problem was to find out how much (no ls...). Eventually they found that "echo *" would work - echo is a builtin command of the Korn shell - and that /bin, /etc and /lib had all gone, but /tmp, /usr and /users were untouched.

It was a week since they had last backed up the user files, and many users were in the final stages of writing up their PhD theses, so they had to recover the system without wiping the disk and reinstalling. They did have an old dump tape of the root filesystem, but how were they going to recover it without the restore command? They thought about ftping files over from another VAX, but ftp wouldn't work without at least /etc/hosts.

Fortunately, somebody still had an emacs running, which could be used to create skeletal versions of /etc/hosts and the like - once the /etc directory had been created. /bin/mkdir and /bin/mv had gone, but someone who knew VAX assembler had turned up and written a program to make /etc.

They typed in this program as ASCII hex, ran someone's program to convert it to binary, and used it to create /etc, carefully setting the umask to 0 so that they could use the emacs to put files in it. Then they quickly sorted out the system to the point where they could get /etc/rrestore by ftp, and finally restored everything else from the dump tape.

Dangerous UN*X / Linux trojan virus meta-command, which Microsoft systems are protected against. All that is required for this exploit is that root have a mail client willing to run any command line with full privileges.

Of course, no such client exists, and only a complete idiot would run it as root, even if such an abomination did exist. This is plain common sense. Then how come people accept this sort of thing so calmly in the Windows world?

Professionals don't issue rm -rf / themselves: they write scripts to do it for them.

The script in question was called rmuser and it automated over 10 different steps required to remove a user from our systems. It was a great help. Naturally, there was also a newuser script to create users, and naturally, some test users were created with meaningless home directories. So one day I removed one of the test users, whose home directory happened to be /.

Moral of the story: never trust yourself when writing scripts. This script was written to print its crucial commands before execution; a quick ^C saved my day.
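The failure in the story above, a removal script handed a home directory of /, can be caught by validating the path before the delete step and printing the command before running it. This is an added example, not the rmuser script from the story; the function names, the HOME_BASE variable and the DRY_RUN switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: guard for the home-directory removal step of a hypothetical
# rmuser-style script. HOME_BASE (assumption) is the only tree under which
# user home directories are allowed to live.
HOME_BASE="${HOME_BASE:-/home}"

# Print the canonical path if it is safe to delete; return non-zero otherwise.
check_home() {
    dir=$1
    case $dir in
        /*) ;;   # must be an absolute path
        *)  echo "refusing: '$dir' is empty or not absolute" >&2; return 1 ;;
    esac
    # Resolve symlinks and ".." so a link to / or /home/x/../.. cannot slip by.
    real=$(cd "$dir" 2>/dev/null && pwd -P) || {
        echo "refusing: '$dir' is not an accessible directory" >&2; return 1; }
    base=$(cd "$HOME_BASE" 2>/dev/null && pwd -P) || {
        echo "refusing: HOME_BASE '$HOME_BASE' not found" >&2; return 1; }
    case $real in
        "$base"/?*) ;;   # strictly below the base, never the base or / itself
        *)  echo "refusing: '$real' is not below '$base'" >&2; return 1 ;;
    esac
    printf '%s\n' "$real"
}

# Remove a home directory. With DRY_RUN=1 (the default) only print the command,
# so the operator sees the resolved target before anything is deleted.
remove_home() {
    target=$(check_home "$1") || return 1
    if [ "${DRY_RUN:-1}" = 1 ]; then
        echo "would run: rm -rf -- $target"
    else
        rm -rf -- "$target"
    fi
}
```

Calling `remove_home /` or `remove_home` on a symlink that resolves to `/` returns non-zero without running `rm`; a real deletion requires setting `DRY_RUN=0` explicitly.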
