On Thu, Mar 29, 2012 at 09:25:26AM -0700, Tim Bird wrote:Putting bogus pids in the log would allow a log DDOS-er to hide theirAt the moment, I'm not considering an alternative for logger that runs
completely in user-space. Having said that, this test is certainly interesting,
and may provide some performance numbers for logger or alternatives that would
be useful to compare.
I was just thinking what does an accurate PID actually get you? If you
looking at some logs with a PID of 20048, does that mean something to
you? It doesn't actually mean much because you can't map that back to
anything. If you have the device, and the process is still running then
you could look it up ..
So lets say logger was modified to record comm values.. That way you
could record the actual process name AND the pid. Well if you use
prctl(PR_SET_NAME), you can forge comm values. So that doesn't get you
So even if you record accurate PID values, it doesn't mean anything