In <Pine.SOL.4.05.10001131534070.19146-100000@copland.udel.edu> Mike Porter (mike@UDel.Edu) wrote:
>> WRT the security issues; predictable pids have always assisted the cause
>> of the cracker. Any extra difficulty we can generate is always
>> useful. Obviously it's only worth considering for 32bit pids not 16bit.
>>
>> Cheers
>> Chris
> If you are going to use random pids to help prevent crackers from
> guessing the next pid, then the method used to generate the random
> numbers needs to be cryptographically secure. From what I
> understand, this is pretty non-trivial (see: Yarrow at
> http://www.counterpane.com/).
Yes and no. It's non-trivial but it's in kernel anyway (there are exist
pool for /dev/random and it's very close to be "true cryptographically
secure"). Even if it's not "cryptographically secure" now it'll be fixed
when some problems will be discowered (it's used by GPG and thus it SHOULD
be secure!).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Jan 15 2000 - 21:00:25 EST