Chinaunix首页 | 论坛 | 博客
  • 博客访问: 371817
  • 博文数量: 89
  • 博客积分: 3178
  • 博客等级: 中校
  • 技术积分: 965
  • 用 户 组: 普通用户
  • 注册时间: 2008-07-09 15:31
文章分类

全部博文(89)

文章存档

2013年(10)

2012年(33)

2011年(41)

2008年(5)

分类: LINUX

2011-08-24 14:06:17


在Linux系统下执行这段代码:(){ :|:& };: 就会引起死机,一旦执行起来后,唯一的方法就是重启系统。实际上这段代码是一段无限递归代码,将系统资源耗尽。

为了防止fork炸弹,方法就是限制用户能够启动的进程数。具体做法,编辑/etc/security/limits.conf文件,在末尾加入 :

  * hard nproc 200

  将用户的进程数限制为200,经过测试,root账户不受这个限制。

  Q. Can you explain following bash code or bash fork() bomb?

  :(){ :|:& };:

  A. This is a bash function. It gets called recursively (recursive function). This is most horrible code for any Unix / Linux box. It is often used by sys admin to test user processes limitations (Linux process limits can be configured via /etc/security/limits.conf and PAM).

  Once a successful fork bomb has been activated in a system it may not be possible to resume normal operation without rebooting, as the only solution to a fork bomb is to destroy all instances of it.

  WARNING! These examples may crash your computer if executed.

  Understanding :(){ :|:& };: fork() bomb code

  :() - It is a function name. It accepts no arguments at all. Generally, bash function is defined as follows:

  foo(){

  arg1=

  echo ''

  #do_something on $arg argument

  }

  fork() bomb is defined as follows:

  :(){

  :|:&

  };:

  :|: - Next it call itself using programming technique called recursion and pipes the output to another call of the function ':'. The worst part is function get called two times to bomb your system.

  & - Puts the function call in the background so child cannot die at all and start eating system resources.

  ; - Terminate the function definition

  : - Call (run) the function aka set the fork() bomb.

  Here is more human readable code:

  bomb() {

  bomb | bomb &

  }; bomb

  Properly configured Linux / UNIX box should not go down when fork() bomb sets off.

阅读(715) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~