How To Understand Bash Fork Bomb in Linux
This post will guide you how to understand bash fork bomb in Linux operating systems. How to prevent fork bomb bash script by limiting user’s process in your Linux system.
What is Fork Bomb
a fork bomb (also called rabbit virus or wabbit) is a denial-of-service attack wherein a process continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation. if you start fork bomb script on your Linux system, and it will spawning new processes on your systems. And these new processes will stay alive in background and keeps eating your system cpu or memory resources until system hungs. Actually, Fork bomb is a function in your bash shell script. and it will call himself recursively. like below codes:
:(){ :|:& };:
Or
bomb(){ bomb | bomb & } bomb
How Fork Bomb Script Works
let’s see how to understand the above fork bomb.
bomb(): a line to define a new function called bomb in your shell script.
{ code }: contains the function code
bomb: will call the function “bomb” to execute
&: will put the function call in the background
Preventing Fork Bomb
Fork bombcan be prevented by limiting user processes, and you can defined process limit by adding the following lines into the /etc/security/limits.conf file.
user soft nproc 5000 user hard nproc 5000
Note: user is username for which limits are being defined. and soft and hard are type of limits. nproc is variable for process limit. You should not set the total nuber of processes too low, or your Linux system will be crashed.
then you will see the following output when you execute Fork Bomb script at your shell prompt, type:
$ ./bomb.sh
Outputs:
[devops@mydevops ~]$ ./bomb.sh
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
And you can also use ulimit command with “-S -u ” options to limit user processes, type:
$ sudo ulimit -S -u 5000
Conclusion
You should know that how to understand fork bomb or how to prevent fork bomb to crash your system in your CentOS or RHEL or Ubuntu system.