Main Page | See live article | Alphabetical index

Fork bomb

The fork bomb is a form of denial of service attack against a computer system. It relies on the assumption that the number of programss and processes which may be simultaneously executed on a computer is limited. A fork bomb works by creating a large number of processes in a very small amount of time in order to saturate any space in the list of processes kept by the computer's operating system; at which point no new programs may be started until another terminates and the system becomes much more difficult or impossible to use.

Difficulty of cure

Once a successful fork bomb has been activated in a system, it may not be possible to resume normal operation without rebooting it, as the only solution to a fork bomb is to destroy all instances of it. This is generally not possible since trying to use a program to kill the rogue processes would require another process to be created, which is not possible.

Difficulty of prevention

The way in which a fork bomb functions is to spawn as many processes as possible; thus, to prevent a fork bomb one simply needs to limit the number of processes which may be produced by a single program or user. By only allowing untrusted users to run a relatively small number of processes, the danger of a fork bomb, malicious or unintentional, is reduced. However, this does not prevent the possibility of a group of users collaborating to consume process slots.