Linux之劫持rm命令实现安全删除和屏蔽删除

摘要 我认为Linux上这是一个必须添加的功能,必须屏蔽rm / 、rm / 、rm -rf / 、rm -rf /,不怕恶意去执行就怕无意中招让自己gg了 还是一键脚本吧

1
2
wget http://www.dwhd.org/script/securityremove.sh
bash securityremove.sh

部署脚本源码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
#!/bin/bash
#########################################################################
\# File Name: securityremove.sh
\# Author: LookBack
\# Email: admin#dwhd.org
\# Version:
\# Created Time: 20150816日 星期日 014737
#########################################################################

wget -q http://www.dwhd.org/script/securityremove -O /bin/securityremove
chmod 755 /bin/securityremove
\[ -f /etc/bash.bashrc \] && (sed -i "/securityremove/d" /etc/bash.bashrc && echo 'alias rm="/bin/securityremove"' >> /etc/bash.bashrc && . /etc/bash.bashrc)
\[ -f /etc/bashrc \] && (sed -i "/securityremove/d" /etc/bashrc && echo 'alias rm="/bin/securityremove"' >> /etc/bashrc && . /etc/bashrc)
\[ -f /root/.bashrc \] && (sed -i "/alias rm/d" /root/.bashrc && echo 'alias rm="/bin/securityremove"' >> /root/.bashrc && . /root/.bashrc)
\[\[ -f "~/.bashrc" && "$USER" != "root" \]\] &&(sed -i "/alias rm/d" ~/.bashrc && echo 'alias rm="/bin/securityremove"' >> ~/.bashrc && . ~/.bashrc)

核心源码

#!/bin/bash
#########################################################################
\# File Name: securityremove.sh
\# Author: LookBack
\# Email: admin#dwhd.org
\# Version:
\# Created Time: 20150816日 星期日 014737
#########################################################################

RMARGS="${@}"
RMPATH="/bin/rm"
sys1dir=$(ls / | sed 's/^/\\//' | tr "\\n" " " | sed 's/.$//')
\[ "${RMARGS}" == "" \] && ${RMPATH} && exit

SBRUN() {
echo -ne "\\033\[41;37mWhy run this command\\033\[0m\\n"
exit 255
}

if grep "$sys1dir" <<< $RMARGS >/dev/null 2>&1; then SBRUN;fi
for i in ${@};do \[ "$i" = "/" \] && SBRUN ;done

if \[ "${RMARGS}" == '-h' \] || \[ "${RMARGS}" == '--help' \];then
${RMPATH} ${RMARGS}
else
while \[ "${confirm}" != "yes" \] && \[ "${confirm}" != "no" \]; do
echo -ne "You are going to execute \\"${RMPATH} \\033\[41;37m${RMARGS}\\033\[0m\\",please confirm (yes or no):"
read confirm
done
\[ "${confirm}" == "yes" \] && ${RMPATH} ${RMARGS} || exit
fi

0%