歡迎來到Linux教程網
Linux教程網
Linux教程網
Linux教程網
您现在的位置: Linux教程網 >> UnixLinux >  >> Linux管理 >> Linux安全

Linux fork炸彈及其預防方法

      在Linux系統下執行這段fork 炸彈代碼就會引起死機,一旦執行起來後,唯一的方法就是重啟系統。實際上這段代碼是一段無限遞歸代碼,將系統資源耗盡。

fork 炸彈代碼:
.(){ .|.& };.

本文下面有這段代碼的詳細解釋,為了防止fork炸彈,方法就是限制用戶能夠啟動的進程數。具體做法,編輯/etc/security/limits.conf文件,在末尾加入 :

* hard nproc 200

將用戶的進程數限制為200,經過測試,root賬戶不受這個限制。

Q. Can you explain following bash code or bash fork() bomb?

:{ :|:& };:

A. This is a bash function. It gets called recursively (recursive function). This is most horrible code for any Unix / Linux box. It is often used by sys admin to test user processes limitations (Linux process limits can be configured via /etc/security/limits.conf and PAM).

Once a successful fork bomb has been activated in a system it may not be possible to resume normal operation without rebooting, as the only solution to a fork bomb is to destroy all instances of it.

WARNING! These examples may crash your computer if executed.

Understanding :{ :|:& };: fork() bomb code

: - It is a function name. It accepts no arguments at all. Generally, bash function is defined as follows:

foo(){

arg1=

echo ''

#do_something on $arg argument

}

fork() bomb is defined as follows:

:{

:|:&

};:

:|: - Next it call itself using programming technique called recursion and pipes the output to another call of the function ':'. The worst part is function get called two times to bomb your system.

& - Puts the function call in the background so child cannot die at all and start eating system resources.

; - Terminate the function definition

: - Call (run) the function aka set the fork() bomb.

Here is more human readable code:

bomb() {

bomb | bomb &

}; bomb

Properly configured Linux / UNIX box should not go down when fork() bomb sets off.
 

Copyright © Linux教程網 All Rights Reserved