Re: PID sequences

Chris Wedgwood (cw@ix.net.nz)
Thu, 26 Feb 1998 18:45:45 +1300


From: Colin Plumb <colin@nyx.net>
Message-Id: <199802260514.WAA17684@nyx10.nyx.net>
To: cw@ix.net.nz
Subject: Re: PID sequences
Cc: linux-kernel@vger.rutgers.edu

See http://www.openbsd.org/cgi-bin/cvsweb/src/sys/kern/kern_fork.c
Revision 1.8 was the change.

Thanks...

I was a little worried it might be an LFSR (I guess you would have mentioned
by now if it did....).

Anyhow... I assume they are using rc4 so assuming the initial state is kept
secret these should be fairly hard to guess - only, it doesn't satisfy
Dean's desired criterion that no PID be re-used within a short amount of
time.

Especially since we only have 15 bit PIDs available. Now, if we fork like
crazy we can burn a few thousand of these in a fairly short amount of time,
making a check-the-last-n-PIDs system too expensive, so statistically re-use
of a number could be made to occur if one desired.

I'm not sure how much of a problem this is, but presumably someone with a
shell account on the same machine as something running apache could perform
some kind of DoS attack. (I've not looked at the apache source). That said,
the level of forking required would probably not go unnoticed.

PID re-use (within a small amount of time) will occur under heavy forking
every now and then anyhow.

Maybe this is left until we have 32bit PIDs (and threads hopefully).

-Chris

P.S. I can fork about 732 times/sec on my machine. This doesn't look good
for re-use if we only have 15 bits.
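
An added illustration of the re-use concern above (not part of the original message, and not OpenBSD or Linux kernel code): it counts how often a PID comes back within a short window when a 15-bit space is allocated at random versus sequentially. The xorshift32 generator, the 100000-fork run, the 1000-fork window and the assumption that every process exits immediately are all constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

#define PID_SPACE 32768u /* 15-bit PID space, as in the message */

/* xorshift32: constructed stand-in PRNG, not any kernel's generator */
static uint32_t rng_state = 0x12345678u;

static uint32_t next_rand(void) {
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

/* Count forks whose PID was last handed out fewer than `window` forks
 * earlier. Assumes every process exits at once, so any PID is free.
 * random_alloc != 0: random PIDs; 0: sequential PIDs that wrap. */
unsigned long count_fast_reuse(unsigned long forks, unsigned long window,
                               int random_alloc) {
    static long last_used[PID_SPACE]; /* fork index of last use, or -1 */
    unsigned long reused = 0;

    for (uint32_t p = 0; p < PID_SPACE; p++)
        last_used[p] = -1;
    for (unsigned long i = 0; i < forks; i++) {
        uint32_t pid = random_alloc ? next_rand() % PID_SPACE
                                    : (uint32_t)(i % PID_SPACE);
        if (last_used[pid] >= 0 &&
            i - (unsigned long)last_used[pid] < window)
            reused++;
        last_used[pid] = (long)i;
    }
    return reused;
}

/* Seconds until a sequential allocator wraps at a given fork rate. */
double wrap_seconds(double forks_per_sec) {
    return PID_SPACE / forks_per_sec;
}

int main(void) {
    unsigned long forks = 100000, window = 1000; /* constructed values */
    printf("random:     %lu fast re-uses\n", count_fast_reuse(forks, window, 1));
    printf("sequential: %lu fast re-uses\n", count_fast_reuse(forks, window, 0));
    printf("wrap at 732 forks/s: %.1f s\n", wrap_seconds(732.0));
    return 0;
}
```

Sequential allocation never re-uses a PID inside the window but wraps after a predictable interval, while random allocation re-uses a few percent of PIDs within the window.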
