Linux fork死循環(huán)炸彈及其預(yù)防

發(fā)布時(shí)間: 2012/8/6 19:15:57

　　在Linux系統(tǒng)下執(zhí)行這段代碼 :(){ :|:& }；：就會(huì)引起死機(jī)，一旦執(zhí)行起來(lái)后，唯一的方法就是重啟系統(tǒng)。實(shí)際上這段代碼是一段無(wú)限遞歸代碼，將系統(tǒng)資源耗盡。
　　本文下面有這段代碼的詳細(xì)解釋?zhuān)瑸榱朔乐筬ork炸彈，方法就是限制用戶(hù)能夠啟動(dòng)的進(jìn)程數(shù)。具體做法，編輯/etc/security/limits.conf文件，在末尾加入：
　　* hard nproc 200
　　將用戶(hù)的進(jìn)程數(shù)限制為200，經(jīng)過(guò)測(cè)試，root賬戶(hù)不受這個(gè)限制。
　　Q. Can you explain following bash code or bash fork() bomb?
　　:(){ :|:& };:
　　A. This is a bash function. It gets called recursively (recursive function). This is most horrible code for any Unix / Linux box. It is often used by sys admin to test user processes limitations (Linux process limits can be configured via /etc/security/limits.conf and PAM).
　　Once a successful fork bomb has been activated in a system it may not be possible to resume normal operation without rebooting, as the only solution to a fork bomb is to destroy all instances of it.
　　WARNING! These examples may crash your computer if executed.
　　Understanding :(){ :|:& };: fork() bomb code
　　:() - It is a function name. It accepts no arguments at all. Generally, bash function is defined as follows:
　　foo(){
　　arg1=$1
　　echo ''
　　#do_something on $arg argument
　　}
　　fork() bomb is defined as follows:
　　:(){
　　:|:&
　　};:
　　:|: - Next it call itself using programming technique called recursion and pipes the output to another call of the function ':'. The worst part is function get called two times to bomb your system.
　　& - Puts the function call in the background so child cannot die at all and start eating system resources.
　　; - Terminate the function definition
　　: - Call (run) the function aka set the fork() bomb.
　　Here is more human readable code:
　　bomb() {
　　bomb | bomb &
　　}; bomb
　　Properly configured Linux / UNIX box should not go down when fork() bomb sets off.