How a 13‑Character Fork Bomb Crashes Linux and How to Prevent It
This article explains the tiny 13‑character Linux fork bomb that can exhaust system resources and cause a denial‑of‑service crash, demonstrates its effect on a cloud VM, and shows how to mitigate the threat using ulimit and limits.conf settings.
The 13‑Character Fork Bomb
In 2002 Jaromil created an extremely compact Linux fork bomb consisting of only 13 characters. When executed in a shell, it rapidly spawns processes until the system runs out of memory and crashes.
:(){ :|:& };:
The syntax defines a function named : that calls itself recursively ( :|:&) and runs in the background, causing exponential process growth. After a few seconds the kernel cannot allocate more processes, resulting in a system halt that can only be recovered by rebooting.
Running the Bomb (Demo)
The author tested the bomb on a 2 GB cloud VM. After launching the script in one terminal, the second terminal could no longer log in, and the system reported -bash: fork: Cannot allocate memory. The only way to restore access was to power‑cycle the VM from the provider’s console.
Impact of a Fork Bomb
A fork bomb creates a denial‑of‑service (DoS) condition by exhausting CPU and memory resources. Unlike traditional DoS attacks that flood a server with network traffic, a fork bomb consumes local resources without needing root privileges, making it especially dangerous on shared or production servers.
Prevention Techniques
The simplest mitigation is to limit the number of processes a user can create with ulimit. Running ulimit -u 20 restricts a user to a maximum of 20 processes, which stops the bomb from spawning enough processes to crash the system.
ulimit -a
Key fields from ulimit -a show that -u controls the maximum user processes. To make the limit persistent, add a line to /etc/security/limits.conf (replace ubuntu with the actual username):
ubuntu - nproc 20
After logging out and back in, the new limit takes effect, and attempts to run the bomb result in -bash: fork: retry: No child processes instead of memory exhaustion.
Alternative Implementations
The same effect can be achieved in other languages, such as Python:
import os while True: os.fork()
Regardless of the language, the underlying principle is the same: uncontrolled process creation leads to resource exhaustion.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
ITPUB
Official ITPUB account sharing technical insights, community news, and exciting events.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.