A Single Line of Code in Linux Can Crash the System Instantly, and 90% of People Don’t Know

The classic Bash fork bomb command, which causes the system to crash by exhausting system resources:

.(){ .|.&};. 

The way this command works is by recursively creating new processes to exhaust system resources:

.() defines a function named . The function content .|.& means: call itself (.) to create a child process through a pipe (|), and then run the process in the background (&); the last . executes this function, triggering the entire loop

After execution, the system will continuously create new processes until all available process numbers, memory, and CPU resources are exhausted, ultimately leading to the system becoming unresponsive or crashing.

With such terrifying consequences, as an operations and maintenance personnel, it is essential to have preventive measures. The most direct method is to limit the number of user processes. The configuration file /etc/security/limits.conf is used in Linux systems to control user/process resource usage, serving to limit the maximum system resources that a user or process can use, preventing a single user/process from excessively consuming resources and causing system instability.Set the maximum number of processes for users in this file:

* hard nproc 1024* soft nproc 512

This will limit each user to a maximum of 1024 processes, note that * does not include the root user!

A Single Line of Code in Linux Can Crash the System Instantly, and 90% of People Don't KnowOnce the fork bomb is triggered, recovery usually requires a hard reboot of the system, as the system is no longer responsive to normal command input. Therefore, preventive measures are particularly important.

Leave a Comment