Re: RFC/PATCH: Random pid generation

Mike Porter (mike@UDel.Edu)
Thu, 13 Jan 2000 15:36:29 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alexander L. Belikoff: "2.2.15pre1 - minor naming problem"
Previous message: Joe Cooper: "Very rapid inode leak in 2.2.14|13..."

> WRT the security issues; predictable pids have always assisted the cause
> of the cracker. Any extra difficulty we can generate is always
> useful. Obviously it's only worth considering for 32bit pids not 16bit.
>
> Cheers
> Chris

If you are going to use random pids to help prevent crackers from
guessing the next pid, then the method used to generate the random
numbers needs to be cryptographically secure. From what I
understand, this is pretty non-trivial (see: Yarrow at
http://www.counterpane.com/).

Mike

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alexander L. Belikoff: "2.2.15pre1 - minor naming problem"
Previous message: Joe Cooper: "Very rapid inode leak in 2.2.14|13..."