zslg01 wrote:
How can I get Apple to address the vulnerability in Sonoma to a fork bomb? A simple one like in the Wikipedia page will crash macOS.
The “vulnerability” here is that any app — whether a shell script or any other language — can be coded in such a way as to consume all available system resources, resulting in a denial of service.
If you want to reduce that exposure, set ulimit -u lower, though there will always be opportunities for denial-of-service shenanigans.
I am aware of operating systems that implement process resource quotas and scheduler algorithms that can reduce the exposure to these denials-of-service, though someone then has to monitor and manage those quotas for the current and future app and system environments, and deal with cases where those quotas inevitably block legitimate operations.
This whole approach is closer to batch-oriented programming for those that are familiar with that, where numbers of processors and processes and process priority and other system resources can be constrained.
And if somebody has decent scheduling priority and enough processes to fill all the cores, things can still get sluggish.
And as sagely mentioned above, if somebody is sending a fork bomb your way, or some other denial-of-service, you likely have a security problem or a staff issue. Or quite possibly, both.
This is all short of locking down macOS to approved apps, or of switching to iPad or iPhone and reviewed apps, or similar techniques, that is.
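
The ulimit -u suggestion in the reply above, as an added example that is not part of the original post: a wrapper that lowers the soft per-user process limit for one command only, so the calling shell keeps its own limit. The function names and the sample value 200 are assumptions for illustration, and it assumes bash is installed.

```shell
#!/bin/sh
# Added example: scope a lower process limit to a single command.
# Function names are hypothetical. Requires bash, where "ulimit -u" is the
# per-user process limit (RLIMIT_NPROC).

# Print the soft and hard limits a newly started bash process inherits.
show_proc_limits() {
    bash -c 'printf "soft=%s hard=%s\n" "$(ulimit -Su)" "$(ulimit -Hu)"'
}

# Usage: run_with_proc_limit LIMIT CMD [ARGS...]
run_with_proc_limit() {
    limit=$1
    [ $# -ge 2 ] || { echo "usage: run_with_proc_limit LIMIT CMD [ARGS...]" >&2; return 2; }
    shift
    case $limit in
        ''|*[!0-9]*) echo "limit must be a positive integer" >&2; return 2 ;;
    esac
    [ "$limit" -gt 0 ] || { echo "limit must be a positive integer" >&2; return 2; }

    # Never raise the limit: if the inherited soft limit is already lower, keep it.
    cur=$(bash -c 'ulimit -Su')
    if [ "$cur" != "unlimited" ] && [ "$limit" -gt "$cur" ]; then
        limit=$cur
    fi

    # Only the soft limit (-S) is lowered; the hard limit is left alone because
    # an unprivileged process cannot raise a hard limit again once it is lowered.
    # The limit is set in a child bash that then execs the command, so the
    # calling shell and everything else it starts are unaffected.
    bash -c 'ulimit -Su "$1" || exit 125; shift; exec "$@"' _ "$limit" "$@"
}
```

The limit counts every process owned by the same user, not only the wrapped command and its children, so a value that is too low will also block legitimate work started under that account.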