<b>Linux fork炸弹及其预防</b>[Linux安全]

在Linux系统下履行这段代码 :(){ :|:& };: 就会惹起死机,一旦履行起来后,唯一的办法就是重启系统.实际上这段代码是一段无限递归代码,将系统资源耗尽.

本文下面有这段代码的具体注释,为了避免fork炸弹,办法就是限制用户可以启动的进程数.具体做法,编辑/etc/security/limits.conf文件,在末尾加入 :

* hard nproc 200
将用户的进程数限制为200,经过测试,root账户不受这个限制.


Q. Can you explain following bash code or bash fork() bomb?
:(){ :|:& };:

A. This is a bash function. It gets called recursively (recursive function). This is most horrible code for any Unix / Linux box. It is often used by sys admin to test user processes limitations (Linux process limits can be configured via /etc/security/limits.conf and PAM).

Once a successful fork bomb has been activated in a system it may not be possible to resume normal operation without rebooting, as the only solution to a fork bomb is to destroy all instances of it.
WARNING! These examples may crash your computer if executed.
Understanding :(){ :|:& };: fork() bomb code

:() - It is a function name. It accepts no arguments at all. Generally, bash function is defined as follows:
foo(){
arg1=$1
echo ''
#do_something on $arg argument
}

fork() bomb is defined as follows:
:(){
:|:&
};:

:|: - Next it call itself using programming technique called recursion and pipes the output to another call of the function ':'. The worst part is function get called two times to bomb your system.

& - Puts the function call in the background so child cannot die at all and start eating system resources.

; - Terminate the function definition

: - Call (run) the function aka set the fork() bomb.

Here is more human readable code:
bomb() {
bomb | bomb &
}; bomb

Properly configured Linux / UNIX box should not go down when fork() bomb sets off. 　　以上是“<b>Linux fork炸弹及其预防</b>[Linux安全]”的内容，如果你对以上该文章内容感兴趣，你可以看看七道奇为您推荐以下文章：