People had been writing scripts (and possibly C programs) to run file
on a file,
capturing the output with $(file foobar)
or popen()
,
and doing a string match check
to see whether the output from file
contained (or ended with) the word “text”.
Then the developers of the Berkeley Software Distribution
(at the University of California, Berkeley) did as described
and caused all those scripts and programs
not to recognize shell script files as text files.
It is not something new. It dates way back to 1970's when it got introduced.
Quoting from here,
One of the earliest accounts of a fork bomb was at the University of
Washington on a Burroughs 5500 in 1969. It is described as a "hack"
named RABBITS that would make two copies of itself when it was run,
and these two would generate two more copies each, and the copies
would continue making more copies until memory was full, causing a
system crash. Q The Misanthrope wrote a Rabbit-like program using
BASIC in 1972 while in grade 7. Jerry Leichter of Yale University
describes hearing of programs similar to rabbits or fork bombs at his
Alma Mater of Princeton and says given his graduation date, they must
be from 1973 or earlier. An account dating to 1974 describes a program
actually named "rabbit" running on an IBM 360 system at a large firm
and a young employee who was discharged for running it.
So the :(){ :|:& };:
is just a way of implementing the fork bomb in shell. If you take some other programming language, you could implement in those languages as well. For instance, in python you could implement the fork bomb as,
import os
while True:
os.fork()
More ways of implementing the fork bomb in different languages can be found from the wikipedia link.
If you want to understand the syntax, it is pretty simple. A normal function in shell would look like,
foo(){
arg1=$1
arg2=$2
echo 'Bar..'
#do_something on $arg argument
}
fork()
bomb is defined as follows:
:(){
:|:&
};:
:|:
:|:
- Next it will call itself using programming technique called recursion and pipes the output to another call of the function :
. The worst part is function get called two times to bomb your system.
&
- Puts the function call in the background so child cannot die at all and start eating system resources.
;
- Terminate the function definition
:
- Call (run) the function aka set the fork() bomb.
Here is more human readable code:
bomb() {
bomb | bomb &
}; bomb
References
http://www.cyberciti.biz/faq/understanding-bash-fork-bomb/
Best Answer
Apt started its life around 1997 and entered Debian officially around 1999. During its early days, Jason Gunthorpe was its main maintainer/developer. Well, apparently Jason liked cows. I don't know if he still does. :-) Anyway, I think the
apt-get moo
thing was added by him as a joke. The correspondingaptitude
easter eggs (see below) were added later by Daniel Burrows as a homage, I think.If there is more to the story, Jason is probably the person to ask. He has (likely in response to this question) written a post on Google+. A small bit of it:
Also: