HOME

TheInfoList



Click Here for Items Related To - Fork Bomb
OR:
Fork Bomb on:   [Wikipedia]   [Google]   [Amazon]

In
computing Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes, and development of both hardware and software. Computing has scientific, ...
, a fork bomb (also called rabbit virus or wabbit) is a
denial-of-service attack In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conn ...
wherein a process continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation.


History

Around 1978, an early variant of a fork bomb called wabbit was reported to run on a
System/360 The IBM System/360 (S/360) is a family of mainframe computer systems that was announced by IBM on April 7, 1964, and delivered between 1965 and 1978. It was the first family of computers designed to cover both commercial and scientific applic ...
. It may have descended from a similar attack called RABBITS reported from 1969 on a Burroughs 5500 at the
University of Washington The University of Washington (UW, simply Washington, or informally U-Dub) is a public research university in Seattle, Washington. Founded in 1861, Washington is one of the oldest universities on the West Coast; it was established in Seat ...
.


Implementation

Fork bombs operate both by consuming CPU time in the process of forking, and by saturating the
operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), schedule tasks for ef ...
's process table. A basic implementation of a fork bomb is an infinite loop that repeatedly launches new copies of itself. In
Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, a ...
-like operating systems, fork bombs are generally written to use the fork
system call In computing, a system call (commonly abbreviated to syscall) is the programmatic way in which a computer program requests a service from the operating system on which it is executed. This may include hardware-related services (for example, acc ...
. As forked processes are also copies of the first program, once they resume execution from the next address at the frame pointer, they continue forking endlessly within their own copy of the same infinite loop; this has the effect of causing an
exponential growth Exponential growth is a process that increases quantity over time. It occurs when the instantaneous rate of change (that is, the derivative) of a quantity with respect to time is proportional to the quantity itself. Described as a function, a ...
in processes. As modern Unix systems generally use a
copy-on-write Copy-on-write (COW), sometimes referred to as implicit sharing or shadowing, is a resource-management technique used in computer programming to efficiently implement a "duplicate" or "copy" operation on modifiable resources. If a resource is dupl ...
resource management technique when forking new processes, a fork bomb generally will not saturate such a system's memory. Microsoft Windows operating systems do not have an equivalent functionality to the Unix fork system call; a fork bomb on such an operating system must therefore create a new process instead of forking from an existing one. A classic example of a fork bomb is one written in
Unix shell A Unix shell is a command-line interpreter or shell that provides a command line user interface for Unix-like operating systems. The shell is both an interactive command language and a scripting language, and is used by the operating system t ...
:();:, possibly dating back to 1999, which can be more easily understood as: fork() fork In it, a function is defined (fork()) as calling itself (fork), then
piping Within industry, piping is a system of pipes used to convey fluids (liquids and gases) from one location to another. The engineering discipline of piping design studies the efficient transport of fluid. Industrial process piping (and accomp ...
(, ) its result to a background job of itself (&). The code using a colon : as the function name is not valid in a shell as defined by POSIX, which only permits alphanumeric characters and underscores in function names. However, its usage is allowed in GNU Bash as an extension. The first formulation of the Unix shell fork bomb has been proposed as an anonymous art work.


Prevention

As a fork bomb's mode of operation is entirely encapsulated by creating new processes, one way of preventing a fork bomb from severely affecting the entire system is to limit the maximum number of processes that a single user may own. On Linux, this can be achieved by using the ''ulimit'' utility; for example, the command ulimit -u 30 would limit the affected user to a maximum of thirty owned processes. On PAM-enabled systems, this limit can also be set in /etc/security/limits.conf, and on FreeBSD, the system administrator can put limits in /etc/login.conf. Modern Linux systems also allow finer-grained fork bomb prevention through
cgroups cgroups (abbreviated from control groups) is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes. Engineers at Google started the work on this ...
and process number (PID) controllers.{{cite web , date=2019-10-08 , title=Process Number Controller in Documentation/ as appeared in Linux kernel 5.3 , url=https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v1/pids.html , access-date=October 8, 2019 , archive-date=October 8, 2019 , archive-url=https://web.archive.org/web/20191008121821/https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v1/pids.html , url-status=live


See also

*
Deadlock In concurrent computing, deadlock is any situation in which no member of some group of entities can proceed because each waits for another member, including itself, to take action, such as sending a message or, more commonly, releasing a lo ...
* Logic bomb * Time bomb (software)


References

{{Reflist


External links

* {{GitHub, aaronryank/fork-bomb, Fork bomb examples {{DEFAULTSORT:Fork bomb Denial-of-service attacks Process (computing)