扫一扫
分享文章到微信
扫一扫
关注官方公众号
至顶头条
在Linux系统下执行这段代码 :{ :|:& };: 就会引起死机,一旦执行起来后,唯一的方法就是重启系统。实际上这段代码是一段无限递归代码,将系统资源耗尽。
本文下面有这段代码的详细解释,为了防止fork炸弹,方法就是限制用户能够启动的进程数。具体做法,编辑/etc/security/limits.conf文件,在末尾加入 :
* hard nproc 200
将用户的进程数限制为200,经过测试,root账户不受这个限制。
Q. Can you explain following bash code or bash fork() bomb?
:{ :|:& };:
A. This is a bash function. It gets called recursively (recursive function). This is most horrible code for any Unix / Linux box. It is often used by sys admin to test user processes limitations (Linux process limits can be configured via /etc/security/limits.conf and PAM).
Once a successful fork bomb has been activated in a system it may not be possible to resume normal operation without rebooting, as the only solution to a fork bomb is to destroy all instances of it.
WARNING! These examples may crash your computer if executed.
Understanding :{ :|:& };: fork() bomb code
: - It is a function name. It accepts no arguments at all. Generally, bash function is defined as follows:
foo(){
arg1=
echo ''
#do_something on $arg argument
}
fork() bomb is defined as follows:
:{
:|:&
};:
:|: - Next it call itself using programming technique called recursion and pipes the output to another call of the function ':'. The worst part is function get called two times to bomb your system.
& - Puts the function call in the background so child cannot die at all and start eating system resources.
; - Terminate the function definition
: - Call (run) the function aka set the fork() bomb.
Here is more human readable code:
bomb() {
bomb | bomb &
}; bomb
Properly configured Linux / UNIX box should not go down when fork() bomb sets off.
如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。
现场直击|2021世界人工智能大会
直击5G创新地带,就在2021MWC上海
5G已至 转型当时——服务提供商如何把握转型的绝佳时机
寻找自己的Flag
华为开发者大会2020(Cloud)- 科技行者