Bash: .* Considered Harmful To Match Dot Files. Why?

How do I match dot files under Unix / Linux using bash shell? Why .* considered as harmful when matching dot files under bash shell?

Short answer.* matches the special “..” link in the directory and your command ends up getting applied to the parent directory. This may end up in unexpected results. Hence, .* considered harmful.

Long answer – Say, you want to run a chmomd/chown or find command on all of the dot files in a directory called /home/nixcraft/projects. You type the following command in $HOME/projects/ to match all dot files:

Tutorial details
Difficulty level Easy
Root privileges No
Requirements Bash
Est. reading time N/A
chmod -R 0444 .*


chown -R user:group .*

This will change the permission for both in the current and parent directory as .. will be matched by .*. This may result into unexpected security related issues and few other problems. Many Linux / Unix commands offers an option to work recursively on files. In this example, the -R option will match the current and all sub-dirs of parent directory. This can result into disaster if you have several thousand files. Restoring and cleaning from this kind of problems can be time consuming. Use the following syntax to match dot files:

chmod -R 0444 .[^.]*


chown -R user:group .[^.]*


ls -R .[^.]*


find . -iname ".[^.]*" -print


find . -iname ".[^.]*" -ls

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 6 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
6 comments… add one
  • Philippe Petrinko Apr 25, 2013 @ 9:14

    Good to say.

    By the way:

    1) [find] could be set to find files only with [-type] parameter set to [f].

    find . -type f -iname “.[^.]*” -print

    2) In this case, there is no need to use special search string, and you can use “.*”

    3) Finally, there is also no point in using case-insensitive search [-iname], normal search [-name] will make it.

    So, this is appropriate to use:

    find . -type f -name “.*” -print

    You may consider modifying your article accordingly.

    — Philippe

  • jec Apr 25, 2013 @ 19:23

    Simpler while not so complete as above solutions:

    chmod -R +x .??*

    This will match anything beginning by dot but not a filename with only ONE char after dot (.a for example)

    • Philippe Petrinko Apr 25, 2013 @ 20:32

      Not totally bad, but as you said, this does not do the trick for all cases… ;-)
      so I won’t use your code and stick to :

      find . -type f -name “.*” -print | xargs # do here whatever you need

  • gdott9 Apr 28, 2013 @ 13:07

    Well, it depends on your shell.

    When I try ‘ls -d .*’, zsh does not return . and .. whereas bash returns both.
    So, with zsh, it’s not harmful, but, yes, be careful with that.

  • leviathaan Jan 10, 2014 @ 16:13

    why .* and not * ?

  • budsz Sep 15, 2015 @ 5:14

    Sometime we make a mistake (chown -R .*), for futher question if already done. How to detecting file/folder which’s already changed without compare with original other system? – Thank You

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum