Linux之劫持rm命令实现安全删除和屏蔽删除/、/*脚本-ITB运维部落—http://www.itbcn.cn—ITB运维技术交流之家平台
记录工作点滴
分享运维知识

Linux之劫持rm命令实现安全删除和屏蔽删除/、/*脚本

 

摘要

我认为Linux上这是一个必须添加的功能,必须屏蔽rm / 、rm /* 、rm -rf / 、rm -rf /*,不怕恶意去执行就怕无意中招让自己gg了

 

还是一键脚本吧

wget http://www.dwhd.org/script/securityremove.sh
bash securityremove.sh

具体效果见图
Linux之劫持rm命令实现安全删除和屏蔽删除/、/*

部署脚本源码

#!/bin/bash
#########################################################################
# File Name: securityremove.sh
# Author: LookBack
# Email: admin#dwhd.org
# Version:
# Created Time: 2015年08月16日 星期日 01时47分37秒
#########################################################################

wget -q http://www.dwhd.org/script/securityremove -O /bin/securityremove
chmod 755 /bin/securityremove
[ -f /etc/bash.bashrc ] && (sed -i "/securityremove/d" /etc/bash.bashrc && echo 'alias rm="/bin/securityremove"' >> /etc/bash.bashrc && . /etc/bash.bashrc)
[ -f /etc/bashrc ] && (sed -i "/securityremove/d" /etc/bashrc && echo 'alias rm="/bin/securityremove"' >> /etc/bashrc && . /etc/bashrc)
[ -f /root/.bashrc ] && (sed -i "/alias rm/d" /root/.bashrc && echo 'alias rm="/bin/securityremove"' >> /root/.bashrc && . /root/.bashrc)
[[ -f "~/.bashrc" && "$USER" != "root" ]] &&(sed -i "/alias rm/d" ~/.bashrc && echo 'alias rm="/bin/securityremove"' >> ~/.bashrc && . ~/.bashrc)

核心源码
Linux之劫持rm命令实现安全删除和屏蔽删除/、/*

#!/bin/bash
#########################################################################
# File Name: securityremove.sh
# Author: LookBack
# Email: admin#dwhd.org
# Version:
# Created Time: 2015年08月16日 星期日 01时47分37秒
#########################################################################

RMARGS="${@}"
RMPATH="/bin/rm"
sys1dir=$(ls / | sed 's/^/\//' | tr "\n" " " | sed 's/.$//')
[ "${RMARGS}" == "" ] && ${RMPATH} && exit

SBRUN() {
        echo -ne "\033[41;37mWhy run this command\033[0m\n"
        exit 255
}

if grep "$sys1dir" <<< $RMARGS >/dev/null 2>&1; then SBRUN;fi
for i in ${@};do [ "$i" = "/" ] && SBRUN ;done

if [ "${RMARGS}" == '-h' ] || [ "${RMARGS}" == '--help' ];then
        ${RMPATH} ${RMARGS}
else
        while [ "${confirm}" != "yes" ] && [ "${confirm}" != "no" ]; do
                echo -ne "You are going to execute \"${RMPATH} \033[41;37m${RMARGS}\033[0m\",please confirm (yes or no):"
                read confirm
        done
        [ "${confirm}" == "yes" ] && ${RMPATH} ${RMARGS} || exit
fi
未经允许不得转载:ITB运维部落—http://www.itbcn.cn—ITB运维技术交流之家平台 » Linux之劫持rm命令实现安全删除和屏蔽删除/、/*脚本

如果文章对你有帮助,欢迎点击上方按钮打赏作者

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址