Fork bomb

… is security attack which should leads into Denial Of Service on system resources. It's done byt forking so many processes so kernel exhaust space for storing processes data. In default some linux distros are vulnerable. Solution is using enforcing NPROC limit by ulimit and set grsec to enforce it.

Once we had this grsec setting but ulimit was set to unlimited ;))))

 > $ :(){ :|:& };:
 > Can someone explain what that does?

 It creates a function called ":" that accepts no arguments-- that's
 the ":(){ ... }" part of the utterance.

 The code in the function calls the recursively calls the function
 and pipes the output to another invocation of the function-- that's
 the ":|:" part.  The "&" puts the call into the background-- that way
 the child process don't die if the parent exits or is killed.  Note
 that by invoking the function twice, you get exponential growth in
 the number of processes (nasty!).

 The trailing ";" after the curly brace finishes the function definition
 and the last ":" is the first invocation of the function that sets off
 the bomb.

 Most unpleasant...
 Hal Pomeranz, Founder/CEO      Deer Run Associates      hal at
     Network Connectivity and Security, Systems Management, Training
  • techblog/fork_bomb.txt
  • Last modified: 2018/09/01 19:07
  • by bodik