I stumbled upon this page and can't understand how this works.
This command "exponentially spawns subprocesses until your box locks up".
But why? What I grok less are the colons.
user@host$ :(){ :|:& };:
views:
1266answers:
4
+39
A:
That defines a function called : which calls itself twice (Code: : | :). It does that in the background (&). After the ; the function definition is done and the function : gets started.
So every instance of : starts two new : and so on... Like a binary tree of processes...
Written in plain C that is:
while(1) {
fork();
}
Johannes Weiß
2009-02-05 13:17:47
Ouch that hurts.
Gamecat
2009-02-05 13:19:22
The C equivalent isn't exactly the same (as each process will spawn theoretically infinite amounts of itself, whereas each bash-forkbomb process will "only" spawn two processes), although both have the same result..
dbr
2009-02-13 10:32:52
dbr, yes thats right. I though about that at the time of writing, but that C code is cleaner and simpler. The bash one is like a binary tree, the C one like a n-ary tree.
Johannes Weiß
2009-02-13 13:27:14
+27
A:
:(){ :|:& };:
..defines a function named :, which spawns itself (twice, one pipes into the other), and backgrounds itself.
With line breaks:
:()
{
:|:&
};
:
Renaming the : function to forkbomb:
forkbomb()
{
forkbomb | forkbomb &
};
forkbomb
You can prevent such attacks by using ulimit to limit the number of processes-per-user:
$ ulimit -u 50
$ :(){ :|:& };:
-bash: fork: Resource temporarily unavailable
$
More permanently, you can use /etc/security/limits.conf (on Debian and others, at least), for example:
* hard nproc 50
Of course that means you can only run 50 processes, you may want to increase this depending on what the machine is doing!
dbr
2009-02-05 13:41:50
Upvoted - giving the : function a clearer name is exactly how I would have unobfuscated the code.
slim
2009-02-09 10:44:04
+1
A:
I've had varying effects when trying this. Depending (I believe) on the configured upper limit for the number of processes and the CPU power, it caused barely a bump on some systems while completely freezing others.
Michael Borgwardt
2009-02-05 13:47:39