what is fork bomb and how to avoid it


The fork bomb is recursive bash function. It is DoS attack against linux operating system. Definition of fork bomb:

:(){ :|:& };:

What do all these symbols mean?
:() - defines function called ":"
:|: - recursive sends output to ":"
& - puts function to background
; - terminate the function definition
: - at the end calls function

Be careful this example may crush your computer. We can prevent against fork bomb limiting the number of processes for user (or group of users) in file /etc/security/limits.conf.

For example we want to limit number of process to 300:

likeIT hard nproc 30

"likeIT" is name of user. If you want to apply this limitation to group, use "@groupName".

There is a example of whole configuration file:

Let's explain some important key word from /etc/security/limits.conf file:

[domain] [type] [item] [value]

Domain can be:

  • an user name
  • a group name - use @group syntax
Type can have these two values:
  • soft - for enforcing the soft limits
  • hard - for enforcing hard limits
Item can be:
  • core - limit the core file size (KB)
  • fsize - maximum filesize (KB)
  • cpu – max CPU time (MIN)
  • nproc – max number of processes

Was this information helpful to you? You have the power to keep it alive.
Each donated € will be spent on running and expanding this page about UNIX Shell.


More Information

BASH scripting course

We prepared for you video course Marian's BASH Video Training: Mastering Unix Shell, if you would like to get much more information.

Thank you. Marian Knezek