全部博文(89)
分类: LINUX
2011-08-24 14:06:17
在Linux系统下执行这段代码:(){ :|:& };: 就会引起死机,一旦执行起来后,唯一的方法就是重启系统。实际上这段代码是一段无限递归代码,将系统资源耗尽。 为了防止fork炸弹,方法就是限制用户能够启动的进程数。具体做法,编辑/etc/security/limits.conf文件,在末尾加入 : * hard nproc 200 将用户的进程数限制为200,经过测试,root账户不受这个限制。 Q. Can you explain following bash code or bash fork() bomb? :(){ :|:& };: A. This is a bash function. It gets called recursively (recursive function). This is most horrible code for any Unix / Linux box. It is often used by sys admin to test user processes limitations (Linux process limits can be configured via /etc/security/limits.conf and PAM). Once a successful fork bomb has been activated in a system it may not be possible to resume normal operation without rebooting, as the only solution to a fork bomb is to destroy all instances of it. WARNING! These examples may crash your computer if executed. Understanding :(){ :|:& };: fork() bomb code :() - It is a function name. It accepts no arguments at all. Generally, bash function is defined as follows: foo(){ arg1= echo '' #do_something on $arg argument } fork() bomb is defined as follows: :(){ :|:& };: :|: - Next it call itself using programming technique called recursion and pipes the output to another call of the function ':'. The worst part is function get called two times to bomb your system. & - Puts the function call in the background so child cannot die at all and start eating system resources. ; - Terminate the function definition : - Call (run) the function aka set the fork() bomb. Here is more human readable code: bomb() { bomb | bomb & }; bomb Properly configured Linux / UNIX box should not go down when fork() bomb sets off. |
