On Thu, Aug 29, 2019 at 6:05 PM Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > > > On 2019-08-29 10:53, Jonathan Billings wrote: > > On Thu, Aug 29, 2019 at 10:25:50AM -0500, Valeri Galtsev wrote: > >> root at point:/home/valeri # cd > >> root at point:~ # whoami > >> root > >> root at point:~ # rm -rf / > >> rm: "/" may not be removed > >> > Sometimes the worst commands are those done not intentionally but due to human error or underestimation: I remember one time on 1994 I executed deltree from c:\ on a Win 3.1 system and I had to reinstall the box... perhaps a subliminal desire to install Linux... So coming back to the initial question you can give sudo for all and the user can be in / thinking to be in another directory and run a command like $$$$ sudo find . -type f -exec rm -f {} \; and the effects would not be nice at all Or he/she can create a script that executes a change directory and then remove/manipulate contents inside the destination directory and if he/she doesn't test the return code of the "cd" command, and then actually the removal actions will run from the current directory where the user is when running the script... Just to give two examples not to give unlimited / uncontrolled power to anyone.. Gianluca