cd: While technically a shell built-in, this highly damaging command deserves its own entry. While it would be beneficial to start users in a random, deeply-nested directory without a $PS1 (or pwd support), due to cd’s default behaviour of navigating to the home directory when called without arguments, this potentially useful security technique is rendered useless. Likewise, the tilde (~) expands to the home directory’s path, and it too is often used when compromising a system. Ideally, this command would not be compiled into the shell. The other dangerous link cd makes use of is “..”, which allows the shell to traverse up the directory tree without actually knowing the name of the parent directory. This is the equivalent of allowing a blind lunatic with a chainsaw into your home and playing Marco Polo with him.
