by pjc50 4172 days ago
For those of you worried about important files, chattr +i is a useful defence. No easy way of applying this automatically.

Long ago I had a kernel hack that would kill any process that attempted to delete a canary file. Worked OK but no chance of it ever going mainstream.

2 comments

Reminds me of a shell trick I saw many years ago for short circuiting accidental 'rm -rf's by issuing a 'touch -- -i' in a sensitive location. In bash (and others), the glob operator inadvertently feeds the '-i' (now a file) into rm as an argument which then interprets it as its "interactive" flag, causing it to prompt for continued removal.

Which only helps "rm -rf ". It does nothing for "rm -rf /anything" or "rm -rf /anything/" or "rm -rf /*" or any other way of spelling doom.

Which is why I mentioned the glob operator! Speaking of which, if you did touch '/-i', it would catch

  rm -rf /*
Ironically, I was thinking of adding that specific directories would not be caught (obviously), but I figured that would be understood implicitly since most people ought to know what <asterisk> actually does in the shell. And if they don't...

Edit: I just noticed that the glob operator in my first comment didn't show up, because it was eaten by markdown. Incidentally, so was the asterisk in your post! That might be the source of your confusion. In that case, I should specify such a trick only works with:

  rm -rf *
  rm -rf /*
  rm -rf ~/*
Or similar. Not specific files. But, again, I appeal to the importance of understanding what the glob operator actually does!

As an aside, the context of this post is a mistake in steam.sh which may essentially do:

  rm -rf /*
So, the discussion implicitly has nothing to do with exact paths. :)

Nice. Although if I forgot I did this, I suspect that I will have a difficult time figuring out why I cannot delete the file.
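
As an added illustration (not code from any commenter in the thread), the sketch below runs the `touch -- -i` canary trick in a throwaway `mktemp` sandbox and counts what survives three spellings of `rm -rf`. The `survivors` function and the `data` directory are constructed for this example; it also covers a glob with a path prefix, where the expanded word is `<dir>/-i` and no longer begins with `-`.

```shell
#!/bin/sh
# Constructed demo; every rm below targets a fresh mktemp directory only.

# survivors MODE: build a sandbox holding the canary '-i' plus two files,
# run one spelling of rm against it, print how many entries are left.
survivors() {
    d=$(mktemp -d) && [ -n "$d" ] || return 1
    mkdir "$d/data" && touch -- "$d/data/-i" "$d/data/a" "$d/data/b" || return 1
    (
        cd "$d/data" || exit 1
        LC_ALL=C; export LC_ALL   # C collation sorts '-i' first in the glob
        case $1 in
            # The shell expands * before rm starts, so rm receives: -rf -i a b
            # The later -i overrides -f; EOF on stdin answers each prompt "no".
            bare)   rm -rf * ;;
            # Expands to "$d/data/-i" ...: no word starts with '-', so the
            # canary is treated as an ordinary file name and nothing prompts.
            prefix) rm -rf "$d"/data/* ;;
            # No glob at all: the canary is never passed as an argument.
            path)   rm -rf "$d/data" ;;
        esac </dev/null >/dev/null 2>&1
    ) || :
    n=$(ls -A "$d/data" 2>/dev/null | wc -l)
    rm -rf -- "$d"                # clean up the sandbox
    echo $((n))
}

for mode in bare prefix path; do
    echo "$mode: $(survivors "$mode") entries left"
done
```

Only the bare `*` typed inside the guarded directory leaves all three entries in place; the other two spellings empty it.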