Would globally aliasing the fork bomb prevent its execution?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
13
down vote

favorite












If you were to globally set



alias ':():& ;:'='echo fork bomb averted'


would that be an effective security strategy to avoid the Bash fork bomb execution or would there still be a way to execute it?



I suppose the question cashes out to: is there a way to execute a command when it's aliased to something else?




bash security alias




share|improve this question
















  • 1




    @user1717828, a "fork bomb" is a program that simply runs new copies of itself, forever. The resulting exponential growth in the number of programs running usually causes something to break in short order.
    – Mark
    Aug 28 at 21:18






  • 1




    Even if this did work - it wouldn't protect against a program that calls fork() not going through bash?
    – UKMonkey
    Aug 29 at 9:20






  • 2




    :():&;:
    – Joshua
    Aug 29 at 17:25






  • 3




    Just run a() a;a
    – immibis
    Aug 29 at 23:12







  • 1




    You'd avoid the common form (if you'd get it to work at all), but there's a near infinite amount of variations on it possible.
    – Mast
    Aug 30 at 7:33















up vote
13
down vote

favorite












If you were to globally set



alias ':():& ;:'='echo fork bomb averted'


would that be an effective security strategy to avoid the Bash fork bomb execution or would there still be a way to execute it?



I suppose the question cashes out to: is there a way to execute a command when it's aliased to something else?




bash security alias




share|improve this question
















  • 1




    @user1717828, a "fork bomb" is a program that simply runs new copies of itself, forever. The resulting exponential growth in the number of programs running usually causes something to break in short order.
    – Mark
    Aug 28 at 21:18






  • 1




    Even if this did work - it wouldn't protect against a program that calls fork() not going through bash?
    – UKMonkey
    Aug 29 at 9:20






  • 2




    :():&;:
    – Joshua
    Aug 29 at 17:25






  • 3




    Just run a() a;a
    – immibis
    Aug 29 at 23:12







  • 1




    You'd avoid the common form (if you'd get it to work at all), but there's a near infinite amount of variations on it possible.
    – Mast
    Aug 30 at 7:33













up vote
13
down vote

favorite









up vote
13
down vote

favorite











If you were to globally set



alias ':():& ;:'='echo fork bomb averted'


would that be an effective security strategy to avoid the Bash fork bomb execution or would there still be a way to execute it?



I suppose the question cashes out to: is there a way to execute a command when it's aliased to something else?




bash security alias




share|improve this question












If you were to globally set



alias ':():& ;:'='echo fork bomb averted'


would that be an effective security strategy to avoid the Bash fork bomb execution or would there still be a way to execute it?



I suppose the question cashes out to: is there a way to execute a command when it's aliased to something else?





bash security alias





share|improve this question











share|improve this question




share|improve this question










asked Aug 28 at 13:19









malan

553317




553317







  • 1




    @user1717828, a "fork bomb" is a program that simply runs new copies of itself, forever. The resulting exponential growth in the number of programs running usually causes something to break in short order.
    – Mark
    Aug 28 at 21:18






  • 1




    Even if this did work - it wouldn't protect against a program that calls fork() not going through bash?
    – UKMonkey
    Aug 29 at 9:20






  • 2




    :():&;:
    – Joshua
    Aug 29 at 17:25






  • 3




    Just run a() a;a
    – immibis
    Aug 29 at 23:12







  • 1




    You'd avoid the common form (if you'd get it to work at all), but there's a near infinite amount of variations on it possible.
    – Mast
    Aug 30 at 7:33













  • 1




    @user1717828, a "fork bomb" is a program that simply runs new copies of itself, forever. The resulting exponential growth in the number of programs running usually causes something to break in short order.
    – Mark
    Aug 28 at 21:18






  • 1




    Even if this did work - it wouldn't protect against a program that calls fork() not going through bash?
    – UKMonkey
    Aug 29 at 9:20






  • 2




    :():&;:
    – Joshua
    Aug 29 at 17:25






  • 3




    Just run a() a;a
    – immibis
    Aug 29 at 23:12







  • 1




    You'd avoid the common form (if you'd get it to work at all), but there's a near infinite amount of variations on it possible.
    – Mast
    Aug 30 at 7:33








1




1




@user1717828, a "fork bomb" is a program that simply runs new copies of itself, forever. The resulting exponential growth in the number of programs running usually causes something to break in short order.
– Mark
Aug 28 at 21:18




@user1717828, a "fork bomb" is a program that simply runs new copies of itself, forever. The resulting exponential growth in the number of programs running usually causes something to break in short order.
– Mark
Aug 28 at 21:18




1




1




Even if this did work - it wouldn't protect against a program that calls fork() not going through bash?
– UKMonkey
Aug 29 at 9:20




Even if this did work - it wouldn't protect against a program that calls fork() not going through bash?
– UKMonkey
Aug 29 at 9:20




2




2




:():&;:
– Joshua
Aug 29 at 17:25




:():&;:
– Joshua
Aug 29 at 17:25




3




3




Just run a() a;a
– immibis
Aug 29 at 23:12





Just run a() a;a
– immibis
Aug 29 at 23:12





1




1




You'd avoid the common form (if you'd get it to work at all), but there's a near infinite amount of variations on it possible.
– Mast
Aug 30 at 7:33





You'd avoid the common form (if you'd get it to work at all), but there's a near infinite amount of variations on it possible.
– Mast
Aug 30 at 7:33











4 Answers
4






active

oldest

votes

















up vote
51
down vote



accepted










The two, no, three, ... Amongst the main obstacles to that are:




  1. It's not a valid name for an alias. Bash's online manual:




    The characters ... and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




    (, ), &, | and whitespace are out in Bash 4.4.



  2. That particular string is not the only way to write a fork bomb in the shell, just famous because it looks obscure. For example, there's no need to call the function : instead of something actually composed of letters.


  3. If you could set the alias, the user could unset the alias, circumvent it by escaping the alias name on the command line, or disable aliases altogether, possibly by running the function in a script (Bash doesn't expand aliases in noninteractive shells).


  4. Even if the shell is restricted enough to stop all versions of a fork bomb, a general purpose system will have other programmable utilities that can recurse and fork off subprocesses. Got Perl or a C compiler? Easy enough. Even awk could probably do it. Even if you don't have those installed, you'll also need to stop the user from bringing in compiled binaries from outside the system, or running /bin/sh which probably needs to be a fully operational shell for the rest of the system to function.


Just use ulimit -u (i.e. RLIMIT_NPROC) or equivalent to restrict the number of processes a user can start. On most Linux systems there's pam_limits that can set the process count limit before any commands chosen by the user are started.



Something like this in /etc/security/limits.conf would put a hard limit of 50 processes to all users:



* hard nproc 50


(Stephen Kitt already mentioned point 1, Jeff Schaller mentioned 2 and 3.)






share|improve this answer






















  • Is it possible to write a fork bomb without &?
    – Stephen Kitt
    Aug 28 at 14:51






  • 4




    @StephenKitt I am not 100% sure but my guess is that bash is turing complete. If so there are likely infinite possibilities. For example you could parse ascii char-code 38 and execute it.
    – Marie
    Aug 28 at 16:57










  • @Marie in this particular context you’d also have to avoid any of the other forbidden characters while working around the & limitation.
    – Stephen Kitt
    Aug 28 at 17:30






  • 15




    My point was mainly that trying to blacklist bad functionality is a bad idea. There are almost always ways around.
    – Marie
    Aug 28 at 17:32






  • 2




    @Marie: Bash is quite certainly Turing complete.
    – Dennis Williamson
    Aug 29 at 20:58

















up vote
17
down vote













No. There are just too many ways to write a fork-bomb.



The evil fork-bomb writer will just try again with a different function name. Or other alterations until his fork-bomb succeeds.



The inadvertent fork-bomb writer won't produce the canonical fork-bomb in the first place.



It's actually rather easy to become an inadvertent fork-bomb writer yourself. For instance, you could just use recursive make with an external, unchecked cd, combining it with the -j option and non-existing subdirectories -- a real example I've stumbled upon once.



You cannot safeguard against all possibilities, and most certainly not against a determined attacker. All you will achieve is to increase the complexity of your system.






share|improve this answer





























    up vote
    14
    down vote













    You can’t alias a fork bomb, because it’s not a valid alias name:



    $ alias ':():& ;:'='echo fork bomb averted'
    bash: alias: `:():& ;:': invalid alias name



    The characters ‘/’, ‘$’, ‘`’, ‘=’ and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




    Some shells don’t check alias names when they’re declared, but when interpreting commands, and skip the invalid name then. A fork bomb will always include &, which can’t be included in a valid alias name, so protecting yourself in this way isn’t possible.






    share|improve this answer






















    • Whether a shell permits to set up this alias or not does not matter. Important is that even iff such an alias exists, it is not expanded while interpreting commands since the alias name does not match the permitted pattern. dash and bosh e.g. both silently ignore it.
      – schily
      Aug 28 at 13:46


















    up vote
    10
    down vote













    Twice, no.



    That's not the only way to write a fork-bomb.



    There's also several ways to execute "a command" when there's an alias:



    command the-command
    the-command


    Example:



    $ alias ls=not-really-ls
    $ ls
    -bash: not-really-ls: command not found
    $ ls
    jeff.html output.png
    $ command ls
    jeff.html output.png





    share|improve this answer






















    • Not related to main topic but why did ls show output.png but command ls didn't?
      – nxnev
      Aug 31 at 11:34










    • Well-spotted! That is, indeed, unrelated to the main topic. It's a classic PEBCAK error where I copy/mis-pasted (or cleaned up the output.png in-between). I'll fix it to minimize distractions. Thank you, @nxnev!
      – Jeff Schaller
      Aug 31 at 13:13










    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f465305%2fwould-globally-aliasing-the-fork-bomb-prevent-its-execution%23new-answer', 'question_page');

    );

    Post as a guest

















    4 Answers
    4






    active

    oldest

    votes








    4 Answers
    4






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    51
    down vote



    accepted










    The two, no, three, ... Amongst the main obstacles to that are:




    1. It's not a valid name for an alias. Bash's online manual:




      The characters ... and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




      (, ), &, | and whitespace are out in Bash 4.4.



    2. That particular string is not the only way to write a fork bomb in the shell, just famous because it looks obscure. For example, there's no need to call the function : instead of something actually composed of letters.


    3. If you could set the alias, the user could unset the alias, circumvent it by escaping the alias name on the command line, or disable aliases altogether, possibly by running the function in a script (Bash doesn't expand aliases in noninteractive shells).


    4. Even if the shell is restricted enough to stop all versions of a fork bomb, a general purpose system will have other programmable utilities that can recurse and fork off subprocesses. Got Perl or a C compiler? Easy enough. Even awk could probably do it. Even if you don't have those installed, you'll also need to stop the user from bringing in compiled binaries from outside the system, or running /bin/sh which probably needs to be a fully operational shell for the rest of the system to function.


    Just use ulimit -u (i.e. RLIMIT_NPROC) or equivalent to restrict the number of processes a user can start. On most Linux systems there's pam_limits that can set the process count limit before any commands chosen by the user are started.



    Something like this in /etc/security/limits.conf would put a hard limit of 50 processes to all users:



    * hard nproc 50


    (Stephen Kitt already mentioned point 1, Jeff Schaller mentioned 2 and 3.)






    share|improve this answer






















    • Is it possible to write a fork bomb without &?
      – Stephen Kitt
      Aug 28 at 14:51






    • 4




      @StephenKitt I am not 100% sure but my guess is that bash is turing complete. If so there are likely infinite possibilities. For example you could parse ascii char-code 38 and execute it.
      – Marie
      Aug 28 at 16:57










    • @Marie in this particular context you’d also have to avoid any of the other forbidden characters while working around the & limitation.
      – Stephen Kitt
      Aug 28 at 17:30






    • 15




      My point was mainly that trying to blacklist bad functionality is a bad idea. There are almost always ways around.
      – Marie
      Aug 28 at 17:32






    • 2




      @Marie: Bash is quite certainly Turing complete.
      – Dennis Williamson
      Aug 29 at 20:58














    up vote
    51
    down vote



    accepted










    The two, no, three, ... Amongst the main obstacles to that are:




    1. It's not a valid name for an alias. Bash's online manual:




      The characters ... and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




      (, ), &, | and whitespace are out in Bash 4.4.



    2. That particular string is not the only way to write a fork bomb in the shell, just famous because it looks obscure. For example, there's no need to call the function : instead of something actually composed of letters.


    3. If you could set the alias, the user could unset the alias, circumvent it by escaping the alias name on the command line, or disable aliases altogether, possibly by running the function in a script (Bash doesn't expand aliases in noninteractive shells).


    4. Even if the shell is restricted enough to stop all versions of a fork bomb, a general purpose system will have other programmable utilities that can recurse and fork off subprocesses. Got Perl or a C compiler? Easy enough. Even awk could probably do it. Even if you don't have those installed, you'll also need to stop the user from bringing in compiled binaries from outside the system, or running /bin/sh which probably needs to be a fully operational shell for the rest of the system to function.


    Just use ulimit -u (i.e. RLIMIT_NPROC) or equivalent to restrict the number of processes a user can start. On most Linux systems there's pam_limits that can set the process count limit before any commands chosen by the user are started.



    Something like this in /etc/security/limits.conf would put a hard limit of 50 processes to all users:



    * hard nproc 50


    (Stephen Kitt already mentioned point 1, Jeff Schaller mentioned 2 and 3.)






    share|improve this answer






















    • Is it possible to write a fork bomb without &?
      – Stephen Kitt
      Aug 28 at 14:51






    • 4




      @StephenKitt I am not 100% sure but my guess is that bash is turing complete. If so there are likely infinite possibilities. For example you could parse ascii char-code 38 and execute it.
      – Marie
      Aug 28 at 16:57










    • @Marie in this particular context you’d also have to avoid any of the other forbidden characters while working around the & limitation.
      – Stephen Kitt
      Aug 28 at 17:30






    • 15




      My point was mainly that trying to blacklist bad functionality is a bad idea. There are almost always ways around.
      – Marie
      Aug 28 at 17:32






    • 2




      @Marie: Bash is quite certainly Turing complete.
      – Dennis Williamson
      Aug 29 at 20:58












    up vote
    51
    down vote



    accepted







    up vote
    51
    down vote



    accepted






    The two, no, three, ... Amongst the main obstacles to that are:




    1. It's not a valid name for an alias. Bash's online manual:




      The characters ... and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




      (, ), &, | and whitespace are out in Bash 4.4.



    2. That particular string is not the only way to write a fork bomb in the shell, just famous because it looks obscure. For example, there's no need to call the function : instead of something actually composed of letters.


    3. If you could set the alias, the user could unset the alias, circumvent it by escaping the alias name on the command line, or disable aliases altogether, possibly by running the function in a script (Bash doesn't expand aliases in noninteractive shells).


    4. Even if the shell is restricted enough to stop all versions of a fork bomb, a general purpose system will have other programmable utilities that can recurse and fork off subprocesses. Got Perl or a C compiler? Easy enough. Even awk could probably do it. Even if you don't have those installed, you'll also need to stop the user from bringing in compiled binaries from outside the system, or running /bin/sh which probably needs to be a fully operational shell for the rest of the system to function.


    Just use ulimit -u (i.e. RLIMIT_NPROC) or equivalent to restrict the number of processes a user can start. On most Linux systems there's pam_limits that can set the process count limit before any commands chosen by the user are started.



    Something like this in /etc/security/limits.conf would put a hard limit of 50 processes to all users:



    * hard nproc 50


    (Stephen Kitt already mentioned point 1, Jeff Schaller mentioned 2 and 3.)






    share|improve this answer














    The two, no, three, ... Amongst the main obstacles to that are:




    1. It's not a valid name for an alias. Bash's online manual:




      The characters ... and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




      (, ), &, | and whitespace are out in Bash 4.4.



    2. That particular string is not the only way to write a fork bomb in the shell, just famous because it looks obscure. For example, there's no need to call the function : instead of something actually composed of letters.


    3. If you could set the alias, the user could unset the alias, circumvent it by escaping the alias name on the command line, or disable aliases altogether, possibly by running the function in a script (Bash doesn't expand aliases in noninteractive shells).


    4. Even if the shell is restricted enough to stop all versions of a fork bomb, a general purpose system will have other programmable utilities that can recurse and fork off subprocesses. Got Perl or a C compiler? Easy enough. Even awk could probably do it. Even if you don't have those installed, you'll also need to stop the user from bringing in compiled binaries from outside the system, or running /bin/sh which probably needs to be a fully operational shell for the rest of the system to function.


    Just use ulimit -u (i.e. RLIMIT_NPROC) or equivalent to restrict the number of processes a user can start. On most Linux systems there's pam_limits that can set the process count limit before any commands chosen by the user are started.



    Something like this in /etc/security/limits.conf would put a hard limit of 50 processes to all users:



    * hard nproc 50


    (Stephen Kitt already mentioned point 1, Jeff Schaller mentioned 2 and 3.)







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Aug 28 at 18:52

























    answered Aug 28 at 14:02









    ilkkachu

    50.8k678140




    50.8k678140











    • Is it possible to write a fork bomb without &?
      – Stephen Kitt
      Aug 28 at 14:51






    • 4




      @StephenKitt I am not 100% sure but my guess is that bash is turing complete. If so there are likely infinite possibilities. For example you could parse ascii char-code 38 and execute it.
      – Marie
      Aug 28 at 16:57










    • @Marie in this particular context you’d also have to avoid any of the other forbidden characters while working around the & limitation.
      – Stephen Kitt
      Aug 28 at 17:30






    • 15




      My point was mainly that trying to blacklist bad functionality is a bad idea. There are almost always ways around.
      – Marie
      Aug 28 at 17:32






    • 2




      @Marie: Bash is quite certainly Turing complete.
      – Dennis Williamson
      Aug 29 at 20:58
















    • Is it possible to write a fork bomb without &?
      – Stephen Kitt
      Aug 28 at 14:51






    • 4




      @StephenKitt I am not 100% sure but my guess is that bash is turing complete. If so there are likely infinite possibilities. For example you could parse ascii char-code 38 and execute it.
      – Marie
      Aug 28 at 16:57










    • @Marie in this particular context you’d also have to avoid any of the other forbidden characters while working around the & limitation.
      – Stephen Kitt
      Aug 28 at 17:30






    • 15




      My point was mainly that trying to blacklist bad functionality is a bad idea. There are almost always ways around.
      – Marie
      Aug 28 at 17:32






    • 2




      @Marie: Bash is quite certainly Turing complete.
      – Dennis Williamson
      Aug 29 at 20:58















    Is it possible to write a fork bomb without &?
    – Stephen Kitt
    Aug 28 at 14:51




    Is it possible to write a fork bomb without &?
    – Stephen Kitt
    Aug 28 at 14:51




    4




    4




    @StephenKitt I am not 100% sure but my guess is that bash is turing complete. If so there are likely infinite possibilities. For example you could parse ascii char-code 38 and execute it.
    – Marie
    Aug 28 at 16:57




    @StephenKitt I am not 100% sure but my guess is that bash is turing complete. If so there are likely infinite possibilities. For example you could parse ascii char-code 38 and execute it.
    – Marie
    Aug 28 at 16:57












    @Marie in this particular context you’d also have to avoid any of the other forbidden characters while working around the & limitation.
    – Stephen Kitt
    Aug 28 at 17:30




    @Marie in this particular context you’d also have to avoid any of the other forbidden characters while working around the & limitation.
    – Stephen Kitt
    Aug 28 at 17:30




    15




    15




    My point was mainly that trying to blacklist bad functionality is a bad idea. There are almost always ways around.
    – Marie
    Aug 28 at 17:32




    My point was mainly that trying to blacklist bad functionality is a bad idea. There are almost always ways around.
    – Marie
    Aug 28 at 17:32




    2




    2




    @Marie: Bash is quite certainly Turing complete.
    – Dennis Williamson
    Aug 29 at 20:58




    @Marie: Bash is quite certainly Turing complete.
    – Dennis Williamson
    Aug 29 at 20:58












    up vote
    17
    down vote













    No. There are just too many ways to write a fork-bomb.



    The evil fork-bomb writer will just try again with a different function name. Or other alterations until his fork-bomb succeeds.



    The inadvertent fork-bomb writer won't produce the canonical fork-bomb in the first place.



    It's actually rather easy to become an inadvertent fork-bomb writer yourself. For instance, you could just use recursive make with an external, unchecked cd, combining it with the -j option and non-existing subdirectories -- a real example I've stumbled upon once.



    You cannot safeguard against all possibilities, and most certainly not against a determined attacker. All you will achieve is to increase the complexity of your system.






    share|improve this answer


























      up vote
      17
      down vote













      No. There are just too many ways to write a fork-bomb.



      The evil fork-bomb writer will just try again with a different function name. Or other alterations until his fork-bomb succeeds.



      The inadvertent fork-bomb writer won't produce the canonical fork-bomb in the first place.



      It's actually rather easy to become an inadvertent fork-bomb writer yourself. For instance, you could just use recursive make with an external, unchecked cd, combining it with the -j option and non-existing subdirectories -- a real example I've stumbled upon once.



      You cannot safeguard against all possibilities, and most certainly not against a determined attacker. All you will achieve is to increase the complexity of your system.






      share|improve this answer
























        up vote
        17
        down vote










        up vote
        17
        down vote









        No. There are just too many ways to write a fork-bomb.



        The evil fork-bomb writer will just try again with a different function name. Or other alterations until his fork-bomb succeeds.



        The inadvertent fork-bomb writer won't produce the canonical fork-bomb in the first place.



        It's actually rather easy to become an inadvertent fork-bomb writer yourself. For instance, you could just use recursive make with an external, unchecked cd, combining it with the -j option and non-existing subdirectories -- a real example I've stumbled upon once.



        You cannot safeguard against all possibilities, and most certainly not against a determined attacker. All you will achieve is to increase the complexity of your system.






        share|improve this answer














        No. There are just too many ways to write a fork-bomb.



        The evil fork-bomb writer will just try again with a different function name. Or other alterations until his fork-bomb succeeds.



        The inadvertent fork-bomb writer won't produce the canonical fork-bomb in the first place.



        It's actually rather easy to become an inadvertent fork-bomb writer yourself. For instance, you could just use recursive make with an external, unchecked cd, combining it with the -j option and non-existing subdirectories -- a real example I've stumbled upon once.



        You cannot safeguard against all possibilities, and most certainly not against a determined attacker. All you will achieve is to increase the complexity of your system.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Aug 31 at 11:22









        Jeff Schaller

        32.1k849109




        32.1k849109










        answered Aug 28 at 17:09









        cmaster

        2712




        2712




















            up vote
            14
            down vote













            You can’t alias a fork bomb, because it’s not a valid alias name:



            $ alias ':():& ;:'='echo fork bomb averted'
            bash: alias: `:():& ;:': invalid alias name



            The characters ‘/’, ‘$’, ‘`’, ‘=’ and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




            Some shells don’t check alias names when they’re declared, but when interpreting commands, and skip the invalid name then. A fork bomb will always include &, which can’t be included in a valid alias name, so protecting yourself in this way isn’t possible.






            share|improve this answer






















            • Whether a shell permits to set up this alias or not does not matter. Important is that even iff such an alias exists, it is not expanded while interpreting commands since the alias name does not match the permitted pattern. dash and bosh e.g. both silently ignore it.
              – schily
              Aug 28 at 13:46















            up vote
            14
            down vote













            You can’t alias a fork bomb, because it’s not a valid alias name:



            $ alias ':():& ;:'='echo fork bomb averted'
            bash: alias: `:():& ;:': invalid alias name



            The characters ‘/’, ‘$’, ‘`’, ‘=’ and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




            Some shells don’t check alias names when they’re declared, but when interpreting commands, and skip the invalid name then. A fork bomb will always include &, which can’t be included in a valid alias name, so protecting yourself in this way isn’t possible.






            share|improve this answer






















            • Whether a shell permits to set up this alias or not does not matter. Important is that even iff such an alias exists, it is not expanded while interpreting commands since the alias name does not match the permitted pattern. dash and bosh e.g. both silently ignore it.
              – schily
              Aug 28 at 13:46













            up vote
            14
            down vote










            up vote
            14
            down vote









            You can’t alias a fork bomb, because it’s not a valid alias name:



            $ alias ':():& ;:'='echo fork bomb averted'
            bash: alias: `:():& ;:': invalid alias name



            The characters ‘/’, ‘$’, ‘`’, ‘=’ and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




            Some shells don’t check alias names when they’re declared, but when interpreting commands, and skip the invalid name then. A fork bomb will always include &, which can’t be included in a valid alias name, so protecting yourself in this way isn’t possible.






            share|improve this answer














            You can’t alias a fork bomb, because it’s not a valid alias name:



            $ alias ':():& ;:'='echo fork bomb averted'
            bash: alias: `:():& ;:': invalid alias name



            The characters ‘/’, ‘$’, ‘`’, ‘=’ and any of the shell metacharacters or quoting characters listed above may not appear in an alias name.




            Some shells don’t check alias names when they’re declared, but when interpreting commands, and skip the invalid name then. A fork bomb will always include &, which can’t be included in a valid alias name, so protecting yourself in this way isn’t possible.







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Aug 28 at 13:59

























            answered Aug 28 at 13:22









            Stephen Kitt

            144k22313378




            144k22313378











            • Whether a shell permits to set up this alias or not does not matter. Important is that even iff such an alias exists, it is not expanded while interpreting commands since the alias name does not match the permitted pattern. dash and bosh e.g. both silently ignore it.
              – schily
              Aug 28 at 13:46

















            • Whether a shell permits to set up this alias or not does not matter. Important is that even iff such an alias exists, it is not expanded while interpreting commands since the alias name does not match the permitted pattern. dash and bosh e.g. both silently ignore it.
              – schily
              Aug 28 at 13:46
















            Whether a shell permits to set up this alias or not does not matter. Important is that even iff such an alias exists, it is not expanded while interpreting commands since the alias name does not match the permitted pattern. dash and bosh e.g. both silently ignore it.
            – schily
            Aug 28 at 13:46





            Whether a shell permits to set up this alias or not does not matter. Important is that even iff such an alias exists, it is not expanded while interpreting commands since the alias name does not match the permitted pattern. dash and bosh e.g. both silently ignore it.
            – schily
            Aug 28 at 13:46











            up vote
            10
            down vote













            Twice, no.



            That's not the only way to write a fork-bomb.



            There's also several ways to execute "a command" when there's an alias:



            command the-command
            the-command


            Example:



            $ alias ls=not-really-ls
            $ ls
            -bash: not-really-ls: command not found
            $ ls
            jeff.html output.png
            $ command ls
            jeff.html output.png





            share|improve this answer






















            • Not related to main topic but why did ls show output.png but command ls didn't?
              – nxnev
              Aug 31 at 11:34










            • Well-spotted! That is, indeed, unrelated to the main topic. It's a classic PEBCAK error where I copy/mis-pasted (or cleaned up the output.png in-between). I'll fix it to minimize distractions. Thank you, @nxnev!
              – Jeff Schaller
              Aug 31 at 13:13














            up vote
            10
            down vote













            Twice, no.



            That's not the only way to write a fork-bomb.



            There's also several ways to execute "a command" when there's an alias:



            command the-command
            the-command


            Example:



            $ alias ls=not-really-ls
            $ ls
            -bash: not-really-ls: command not found
            $ ls
            jeff.html output.png
            $ command ls
            jeff.html output.png





            share|improve this answer






















            • Not related to main topic but why did ls show output.png but command ls didn't?
              – nxnev
              Aug 31 at 11:34










            • Well-spotted! That is, indeed, unrelated to the main topic. It's a classic PEBCAK error where I copy/mis-pasted (or cleaned up the output.png in-between). I'll fix it to minimize distractions. Thank you, @nxnev!
              – Jeff Schaller
              Aug 31 at 13:13












            up vote
            10
            down vote










            up vote
            10
            down vote









            Twice, no.



            That's not the only way to write a fork-bomb.



            There's also several ways to execute "a command" when there's an alias:



            command the-command
            the-command


            Example:



            $ alias ls=not-really-ls
            $ ls
            -bash: not-really-ls: command not found
            $ ls
            jeff.html output.png
            $ command ls
            jeff.html output.png





            share|improve this answer














            Twice, no.



            That's not the only way to write a fork-bomb.



            There's also several ways to execute "a command" when there's an alias:



            command the-command
            the-command


            Example:



            $ alias ls=not-really-ls
            $ ls
            -bash: not-really-ls: command not found
            $ ls
            jeff.html output.png
            $ command ls
            jeff.html output.png






            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Aug 31 at 13:14

























            answered Aug 28 at 13:24









            Jeff Schaller

            32.1k849109




            32.1k849109











            • Not related to main topic but why did ls show output.png but command ls didn't?
              – nxnev
              Aug 31 at 11:34










            • Well-spotted! That is, indeed, unrelated to the main topic. It's a classic PEBCAK error where I copy/mis-pasted (or cleaned up the output.png in-between). I'll fix it to minimize distractions. Thank you, @nxnev!
              – Jeff Schaller
              Aug 31 at 13:13
















            • Not related to main topic but why did ls show output.png but command ls didn't?
              – nxnev
              Aug 31 at 11:34










            • Well-spotted! That is, indeed, unrelated to the main topic. It's a classic PEBCAK error where I copy/mis-pasted (or cleaned up the output.png in-between). I'll fix it to minimize distractions. Thank you, @nxnev!
              – Jeff Schaller
              Aug 31 at 13:13















            Not related to main topic but why did ls show output.png but command ls didn't?
            – nxnev
            Aug 31 at 11:34




            Not related to main topic but why did ls show output.png but command ls didn't?
            – nxnev
            Aug 31 at 11:34












            Well-spotted! That is, indeed, unrelated to the main topic. It's a classic PEBCAK error where I copy/mis-pasted (or cleaned up the output.png in-between). I'll fix it to minimize distractions. Thank you, @nxnev!
            – Jeff Schaller
            Aug 31 at 13:13




            Well-spotted! That is, indeed, unrelated to the main topic. It's a classic PEBCAK error where I copy/mis-pasted (or cleaned up the output.png in-between). I'll fix it to minimize distractions. Thank you, @nxnev!
            – Jeff Schaller
            Aug 31 at 13:13

















             

            draft saved


            draft discarded















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f465305%2fwould-globally-aliasing-the-fork-bomb-prevent-its-execution%23new-answer', 'question_page');

            );

            Post as a guest
































































            -

            這個網誌中的熱門文章

            How to combine Bézier curves to a surface?

            圖片
            Clash Royale CLAN TAG #URR8PPP up vote 2 down vote favorite My aim is to smooth the terrain in a video game. Therefore I contrived an algorithm that makes use of Bézier curves of different orders. But this algorithm is defined in a two dimensional space for now. To shift it into the third dimension I need to somehow combine the Bézier curves. Given two curves in each two dimensions, how can I combine them to build a surface? I thought about something like a curve of a curve. Or maybe I could multiply them somehow. How can I combine them to cause the wanted behavior? Is there a common approach? In the image you can see the input, on the left, and the output, on the right, of the algorithm that works in a two dimensional space. For the real application there is a three dimensional input. The algorithm relays only on the adjacent tiles. Given these it will define the control points of the mentioned Bézier curve. Additionally it marks one side of the curve as inside t
            閱讀完整內容

            Why am i infinitely getting the same tweet with the Twitter Search API?

            圖片
            up vote 0 down vote favorite My code workes perfectly for other queries, but for one query I am infinitely getting the same tweet. I can't understand what the problem is. API call: query='Allergic asthma OR Nonallergic asthma OR Occupational asthma OR EIB OR Exercise-induced bronchoconstriction OR Nocturnal asthma OR Cough-variant asthma' new_tweets = api.search(q=searchQuery, count=100, since_id=since_id, lang='en',tweet_mode='extended') if not new_tweets: print("No more tweets found") break for tweet in new_tweets: if True: print(jsonpickle.encode(tweet._json, unpicklable=False)) my_file = open('searchTweets.txt','a') my_file.write(jsonpickle.encode(tweet._json, unpicklable=False)+'n') my_file.close() else: continue Output in file: https://pastebin.com/JmRCsTeE These are the JSONs of the same Tweet. Other queries that work: Breast cancer OR Prostate cancer OR Colon cancer OR Lung cancer Type 2 dia
            閱讀完整內容

            Is there any way to eliminate the singular point to solve this integral by hand or by approximations?

            圖片
            Clash Royale CLAN TAG #URR8PPP up vote 0 down vote favorite 1 $$int_0^1 (1+(x^-p-1)^1-p)^frac1pdx, pin mathbbR, pge 1$$ I find that $x=0,1$ are singular points(discontinuous points of this integral), is there a way to eliminate those singular points to make sure that this integral can be calculated by hand or by Taylor approximations. In either cases, what are those steps of calculating the integral? calculus real-analysis analysis approximation share | cite | improve this question edited Sep 11 at 5:07 asked Sep 11 at 4:48 Mclalalala 126 8 1 What is $p$? Please give more information to make it complete. – xbh Sep 11 at 5:02 @xbh already fixed it, thanks for reminding. – Mclalalala Sep 11 at 5:10 Seems that $0$ is not singular here… [I might compute wrong] – xbh Sep 11 at 5:30 @xbh can you show me how to get the close formula for the integral above? – Mclalalala Sep 11 at 5:33
            閱讀完整內容