Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
C0D4681452y@DeepHotel it's a fun little script, anyone that hasn't done it should go now and run it on their prod servers.
🪑🍿 📺 -
@DeepHotel
It's commonly called a fork bomb.
The syntax looks weird, but basically it defines a function ":", that calls (and pipes into, for double fun) itself in the background.
Once the definition is done ";", it calls itself, ":" (functions in bash do not use () for calling).
Then it will start forking itself into new processes until it exhausts all available PID (and other critical resources), at which point it'll be hard to regain control of the system because your very terminal will become irresponsive to kill it. -
@iArrow
No. Shellshock was a family of vulnerabilities discovered in bash that would allow for remote code execution, DoS and others, and were patched.
This is just someone shooting themselves in the foot because bash allows you to, no different than doing a while(true) busy loop or a stack overflow by calling an infinitely recursive function. -
I mean you can allways say that they were doing scalability tests or some sh...
Why it wasnt limited tho lmao -
@CoreFusionX sounds like a recipe for when you want to quit your job and burn bridges on the way out
-
@OzzyTheGiant
I'd be wary about that.
Even if production wasn't secured against it, it still counts as a DoS attempt, which is grounds not only for termination (obviously) but damages liability.
Related Rants
someone just ran :(){ :|:& };: on production
rant
goddamnit