# The Most Dangerous Linux Command Explained

## Метаданные

- **Канал:** Techquickie
- **YouTube:** https://www.youtube.com/watch?v=-iwvu0uozhs
- **Дата:** 03.03.2026
- **Длительность:** 10:51
- **Просмотры:** 217,460
- **Источник:** https://ekstraktznaniy.ru/video/20317

## Описание

Get a free 15-day trial of Odoo’s all-in-one business solution and see how it can make your life easier! Check it out at https://www.odoo.com/r/IXfS

Purchases made through some store links may provide some compensation to Linus Media Group.

The rm -rf / command is one of the most dangerous things you can type on a Unix system - Riley explains what it does, why it exists, and how to protect yourself from accidentally nuking your computer.

Leave a reply with your requests for future episodes.

► GET MERCH: https://lttstore.com 
► GET EXCLUSIVE CONTENT ON FLOATPLANE: https://lmg.gg/lttfloatplane 
► SPONSORS, AFFILIATES, AND PARTNERS: https://lmg.gg/partners 

FOLLOW US ELSEWHERE
---------------------------------------------------  
Twitter:   https://x.com/linustech 
Facebook:  https://www.facebook.com/LinusTech  
Instagram:   https://www.instagram.com/linustech  
TikTok:   https://www.tiktok.com/@linustech  
Twitch:   https://www.twitch.tv/linustech

## Транскрипт

### Segment 1 (00:00 - 05:00) []

eight characters. That's all that stands between you and your entire digital world being absolutely wiped out. It's a command so destructive that it's caused hundreds of millions of dollars in damages, data loss, bankruptcies, and almost caused Toy STORY 2 TO BE LOST FOREVER. The command we're talking about is rm-rf slash. So, what does rm-rf slash actually do? Let's break it down like we're diffusing a bomb, which honestly we kind of are. Unix commands follow a simple structure. First, the command name, then flags that modify how it behaves, followed by arguments that tell it what to act on. So, let's diffuse this bomb piece by piece. RM is an abbreviation of remove. It's the Unix command for deleting files, which means it works on Linux, Mac OS, and other Unix based systems. Although on Windows, RM is also the alias for the remove item command in PowerShell, which does similar things. Hyphen R is what's called a flag in a Unix command. It's an option for how you want the command to behave. In this case, the R stands for recursive, which means instead of just deleting files in one folder, it descends into every subdirectory and deletes everything inside them, too. All the way down the tree. Yeah, I accidentally executed it. Okay. So, there's no way to reverse it. Yeah, it was my personal computer. Wedding photos, baby pictures, Bitcoin wallet passphrase. I'm gonna be in so much trouble. Um, so, uh, so after the R flag is the F flag, which stands for force. This means it deletes files even if they're marked do not delete, and it doesn't ask for confirmation or stop for errors. It just goes like you just saw on my personal computer. It didn't even ask if I was sure. Then comes the argument part of the command, which tells it what you want deleted. Now, in this case, we're putting a slash, which means the root directory. In Linux, that's the very top of your file system where everything on your computer lives and every other directory stems from. If you're a Windows person, your closest equivalent is C, but it's actually worse than that. Linux mounts everything under root, including other drives and devices. There's no escaping to a D drive here. Then, once you hit enter, — Yeah. So, see the new machine we set up for you. You deleted the whole file system — and there's no way to get it back. — No, Okay. All right. So altogether, this is basically telling your computer to delete everything everywhere and not to stop or ask questions while it's doing it. That's a key point. The command starts at the top of your file system and works its way down, deleting system files, user data, configurations, everything. And here's the eerie part. While you might think your computer would immediately become unusable, it actually keeps running for a while because the programs in memory still work until they need to access something that's been deleted. Then stuff starts to fall apart. Now, you might be wondering reasonably, why does such a dangerous command even exist? To find out, we talked to Matthew Garrett, a Linux kernel developer who spent years working on firmware security. He's one of the people who's actually had to deal with the fallout when this command goes wrong. — It's not really a deliberate design choice. Everything in Unix is a file. Slash is just the root of your entire file system. RM doesn't care. It just sees, oh, you gave me a directory. Sometimes you make a chainsaw. You don't really think of this as a someone could destroy their house with this if they tried. You think I made a thing to cut down the tree. — Matthew's right. System administrators need a way to quickly clean up entire directory trees when managing servers, removing old installations, or wiping test environments. And we know what you're thinking here, Riley. You practice backup best practices, of course. just restore. Well, sometimes backups fail. In fact, let me tell you about the time Pixar almost lost Toy Story 2. It happens to everybody. In 1998, someone at the studio ran a variation of this command on their animation servers. The associate technical director, who had been reviewing the character assets at the time, watched in horror as in a matter of seconds, the entire file system disappeared. When they tried to restore the files from backup, they realized their magnetic tape-based backup system had reached its 4 gigabyte size limit. And since Toy Story 2 was a whopping 10 gigabytes, the backups were

### Segment 2 (05:00 - 10:00) [5:00]

overwriting themselves without anyone knowing. So, how did Toy Story 2 survive? Did they have to remake the whole thing? I'll tell you that after I tell you about today's sponsor, Odo. They make it easy to wrangle up all the aspects of business management into one platform. Whether that's CRM, project management tools, invoicing, running a forum, it can be all o done with odo. It has a userfriendly and customizable interface. You can make sure it suits your needs best. And if you only end up needing a single application, ODU's free. You can even book a demo with them before you decide to try it. So, use our link for a free 15-day trial with no credit card required. Now, back to Pixar's nightmare. One of the only things that saved Toy Story 2 was this. Supervising technical director Gayen Susman had just given birth and had a copy of the film she had been working on during her maternity leave on her home workstation. So, thanks to her diligence and America's horrible maternity leave laws, the world got Toy Story 2. Now, you might think, "Okay, well, I just won't back up to magnetic tape anymore. I'll try one of these experimental new fangled backup methods like the cloud or hard drives. then I can just reinstall my operating system and restore. Right, wrong, potentially. In 2016, users discovered that on some systems with UEFI firmware, the successor to BIOS firmware that became popular in 2012, running RMER RF could permanently brick your motherboard. And you can't install Linux on a brick. I mean, look at this thing. It doesn't even have any ports. So, how did this happen? Some Linux systems expose your firmware settings as files in a special folder. Things like which drive to boot from, your security keys, and even what hardware your motherboard thinks is plugged in. — In the old days, your firmware settings were stored in a small amount of nonvolatile RAM EFI variables. They're stored in the same flash chip that your firmware is stored in. When RMRF runs, it deletes these firmware variables, too, on poorly designed motherboards. This literally destroys the motherboard's ability to start up. — Vendors, it turned out, had in some cases used runtime variables for critical data, and they would not have erroring codes. They would assume that was there. And if the val if the variable wasn't there, instead of recreating it with default values, the firmware was either just stop or crash. A user ran the command on their MSI notebook in 2016 which led to a deletion of the EFI vars directory which contained the secure boot keys for the system. As a result, the user couldn't even boot into the BIOS all from typing eight characters. And before you freak out and flee the Linux Republic to supplicate at the altar of gates or jobs, modern Linux systems have put protections in place to avoid accidental deletion of your entire computer. Linux has the concept of immutable files. Files that can't be modified. Even if you have right permission, you can't change an immutable file. And what we did was set most EFI variables immutable by default. There's a pretty elegant solution. I did not come up with it. I don't read too elegant. So far, we've been talking about accidental executions of RMRF, but this command is also prone to malicious deletions. In 2013, there was a 4chan campaign where trolls were telling Mac users that this command would activate hidden Bitcoin features on their machines. Who would have possibly guessed that 4chan, the wholesome community that innocently popularized Pepe the Frog, would be the source of malicious trolling? Fortunately, the Linux community takes this kind of trolling seriously. Most help forums ban users immediately and permanently for trying to trick vulnerable users into executing RMRF. Hell yeah, Linux community. That's the spirit. Not like those trolls over on 4chan. It's also harder than before to accidentally execute this command without knowing you're doing it. Since 2006, the command won't work on the root directory without adding the no preserve root flag. Think of it like a safety on a gun. But rm-rfaststerisk still nukes your system. That little asterisk makes the command execute on each directory individually, bypassing the root directory protection, which extending our earlier metaphor is like if your gun also had a second trigger with no safety on it. And as cool as a double trigger, no safety gun might be, it's not ideal for a command that could destroy all of your wife's pictures of her niece. which is why you want to make sure you're using backups and ideally using file system snapshots with something like ZFS or BTRFS which lets you roll back changes like nothing happened. So, how do you actually

### Segment 3 (10:00 - 10:00) [10:00]

protect yourself from this nightmare? First, if you use Linux, there's a tool called Safe RM that maintains a deny list of directories that can never be deleted. You can also set up aliases to make RM always ask for confirmation before deleting and keep good backups. Follow the 321 rule. Three copies of your data in two different types of media with one copy stored offsite. And maybe, just maybe, double check your commands before hitting enter because the difference between rmrf/folder and rm rfspace folder could be your entire digital life. And speaking of backups, if you want to learn more about how to protect your data, our video on RAID file systems will teach you everything you need to know. I am going to go buy a new laptop.