The
fork bomb is a form of
denial of service attack against a
computer system. It relies on the assumption that the number of
programs and
processes which may be simultaneously executed on a computer is limited. A fork bomb works by creating a large number of processes in a very small amount of time in order to saturate any space in the list of processes kept by the computer's
operating system; at which point no new programs may be started until another terminates and the system becomes much more difficult or impossible to use.
Once a successful fork bomb has been activated in a system, it may not be possible to resume normal operation without rebooting it, as the only solution to a fork bomb is to destroy all instances of it. This is generally not possible since trying to use a program to kill the rogue processes would require another process to be created, which is not possible.
The way in which a fork bomb functions is to spawn as many processes as possible; thus, to prevent a fork bomb one simply needs to limit the number of processes which may be produced by a single program or user. By only allowing untrusted users to run a relatively small number of processes, the
danger of a fork bomb,
malicious or unintentional, is reduced. However, this does not prevent the possibility of a
group of
users collaborating to consume process slots.