Fork Bomb

A fork bomb is malicious or accidental code that spawns child processes recursively, doubling on each cycle until kernel limits, memory, or CPU are saturated and the system becomes unresponsive. The classic POSIX one-liner `:(){ :|:& };:` illustrates the pattern: a function calls two copies of itself and disowns them. Fork bombs do not propagate over networks like worms; they are localized, but very effective on multi-user hosts and CI runners. Mitigations include per-user process limits (`ulimit -u`, cgroups, PAM `pam_limits`), Linux cgroup PIDs controller, account isolation, untrusted-code sandboxes and rate-limiting of spawn syscalls.