Sunday, April 27, 2008

Understanding Bash fork() bomb ~ :(){ :|:& };:

This is horrible code for any Unix / Linux box. It is often used by sysadmins to test user process limits (Linux process limits can be configured via /etc/security/limits.conf and PAM).

Once a successful fork bomb has been activated in a system, it may not be possible to resume normal operation without rebooting, as the only solution to a fork bomb is to destroy all instances of it.

Here is a more human-readable version of the same code, with the function named bomb instead of ":". The function calls itself twice, piping one copy into the other, and runs in the background, so every call starts two more:

bomb() {
bomb | bomb &
}; bomb

A properly configured Linux / UNIX box should not go down when a fork() bomb goes off; this is prevented by limiting the number of processes per user. This is important for running a stable system. Just add a user name, a group, or all users to the /etc/security/limits.conf file and impose process limits.

# This will prevent a "fork bomb":
vivek hard nproc 300
@student hard nproc 50
@faculty soft nproc 100
@pusers hard nproc 200

The above will prevent anyone in the student group from having more than 50 processes; the faculty and pusers group limits are set to 100 and 200. Vivek can create only 300 processes. Please note that KDE and Gnome can launch many processes.
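An added example, not part of the original post: a small audit of nproc entries in a limits.conf-format file. A soft limit can be raised by the user up to the hard limit, so the script flags every domain that has no hard nproc entry; the function name audit_nproc and the temp-file sample (the entries from this post) are assumptions made for the example.

```shell
#!/bin/sh
# Added example: report nproc entries per domain in a limits.conf-format
# file and flag domains with no hard cap. audit_nproc is a hypothetical name.

audit_nproc() {
    awk '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        $3 != "nproc"  { next }              # only process-count entries
        {
            if (!($1 in seen)) { seen[$1] = 1; order[++n] = $1 }
            # type "-" sets both soft and hard (see limits.conf(5))
            if ($2 == "hard" || $2 == "-") hard[$1] = $4
            if ($2 == "soft" || $2 == "-") soft[$1] = $4
        }
        END {
            for (i = 1; i <= n; i++) {
                d = order[i]
                h = (d in hard) ? hard[d] : "-"
                s = (d in soft) ? soft[d] : "-"
                v = (h == "-") ? "NO-HARD-CAP" : "capped"
                print d, "hard=" h, "soft=" s, v
            }
        }
    ' "$1"
}

# Constructed sample: the entries shown in this post, written to a temp file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# This will prevent a "fork bomb":
vivek hard nproc 300
@student hard nproc 50
@faculty soft nproc 100
@pusers hard nproc 200
EOF

audit_nproc "$sample"
```

On a real host, pass /etc/security/limits.conf as the argument instead of the sample file.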
