notas:seguridad
Diferencias
Muestra las diferencias entre dos versiones de la página.
| Ambos lados, revisión anteriorRevisión previaPróxima revisión | Revisión previaPróxima revisiónAmbos lados, revisión siguiente | ||
| notas:seguridad [2014/05/21 14:20] – [Seguridad] cayu | notas:seguridad [2014/06/03 14:05] – [Seguridad] cayu | ||
|---|---|---|---|
| Línea 18: | Línea 18: | ||
| {{: | {{: | ||
| - | ===== Understanding Bash fork() bomb ~ :(){ :|:& };: ===== | ||
| - | **Q.** Can you explain following bash code or bash fork() bomb? | + | === Bombas lógicas |
| - | :(){ :|:& };: | + | |
| - | + | ||
| - | **A.** This is a bash function. It gets called recursively (recursive function). This is most horrible code for any Unix / Linux box. It is often used by sys admin to test user processes limitations (Linux process limits can be configured via / | + | |
| - | + | ||
| - | Once a successful fork bomb has been activated in a system it may not be possible to resume normal operation without rebooting, as the only solution to a fork bomb is to destroy all instances of it. | + | |
| - | [Warning examples may crash your computer] WARNING! These examples may crash your computer if executed. | + | |
| - | Understanding :(){ :|:& };: fork() bomb code | + | |
| - | + | ||
| - | :() - It is a function name. It accepts no arguments at all. Generally, bash function is defined as follows: | + | |
| - | + | ||
| - | <code bash> | + | |
| - | foo(){ | + | |
| - | arg1=$1 | + | |
| - | echo '' | + | |
| - | # | + | |
| - | } | + | |
| - | </ | + | |
| - | + | ||
| - | fork() bomb is defined as follows: | + | |
| - | + | ||
| - | <code bash> | + | |
| - | :(){ | + | |
| - | : | + | |
| - | };: | + | |
| - | </ | + | |
| - | ** | + | |
| - | :|:** - Next it call itself using programming technique called recursion and pipes the output to another call of the function ':' | + | |
| - | + | ||
| - | **&** - Puts the function call in the background so child cannot die at all and start eating system resources. | + | |
| - | + | ||
| - | **;** - Terminate the function definition | + | |
| - | + | ||
| - | **:** - Call (run) the function aka set the fork() bomb. | + | |
| - | + | ||
| - | Here is more human readable code: | + | |
| - | + | ||
| - | <code bash> | + | |
| - | bomb() { | + | |
| - | bomb | bomb & | + | |
| - | }; bomb | + | |
| - | </ | + | |
| - | + | ||
| - | Properly configured Linux / UNIX box should not go down when fork() bomb sets off. | + | |
| - | + | ||
| - | ==== Extra ==== | + | |
| - | + | ||
| - | Perl exmaple: | + | |
| - | + | ||
| - | <code perl> | + | |
| - | perl -e "fork while fork" & | + | |
| - | </ | + | |
| - | + | ||
| - | Python example: | + | |
| - | + | ||
| - | <code python> | + | |
| - | import os | + | |
| - | while(1): | + | |
| - | os.fork() | + | |
| - | </ | + | |
| - | + | ||
| - | Windows XP / Vista bat file example: | + | |
| - | + | ||
| - | < | + | |
| - | :bomb | + | |
| - | start %0 | + | |
| - | goto bomb | + | |
| - | </ | + | |
| - | + | ||
| - | UNIX style for Windows: | + | |
| - | + | ||
| - | < | + | |
| - | %0|%0 | + | |
| - | </ | + | |
| - | + | ||
| - | C program example: | + | |
| - | + | ||
| - | <code c> | + | |
| - | #include | + | |
| - | int main() { | + | |
| - | </ | + | |
| - | + | ||
| - | Plz note that the fork bomb is a form of denial of service, so don’t run on production or unauthorized system. | + | |
| - | + | ||
| - | + | ||
| - | ==== Fuente ==== | + | |
| - | + | ||
| - | + | ||
| - | http:// | + | |
| + | * [[notas: | ||
| ===== How to: Prevent a fork bomb by limiting user process ===== | ===== How to: Prevent a fork bomb by limiting user process ===== | ||