Re: 32-bit pid_t / security

From: Richard B. Johnson (root@chaos.analogic.com)
Date: Wed Oct 04 2000 - 10:59:17 EST


On Tue, 3 Oct 2000, Brett Frankenberger wrote:

> >
> > S/390 folks run 70,000 sessions active within the same 60 second period off
> > one big box. Not on Linux (yet ;)) but its worth bearing in mind.
>

Linux 2.2.17 only allows 255 processes at any one time. Is this a
'feature'. If so, there is no security to be gained by having 32-bit
pids wrap at 32-bits. Note they already are 32 bits.

Script started on Wed Oct 4 11:56:25 2000
cat zzz.c
#include <stdio.h>
#include <sys/types.h>
main() {
    printf("Length of pid_t is %u\n", sizeof(pid_t));
}
# gcc -o zzz zzz.c
# ./zzz
Length of pid_t is 4
# exit
exit

Script done on Wed Oct 4 11:56:44 2000

Script started on Wed Oct 4 11:48:14 2000
# cat xxx.c
#include <stdio.h>
#include <sys/wait.h>
#include <signal.h>
void reaper(int unused) {
    while(wait3(&unused, WNOHANG, 0) > 0)
          ;
}
main() {
   unsigned long count;
   count = 0;
   setgid(8888);
   setuid(8888);
   setsid();
   signal(SIGCHLD, reaper);
   for(;;) {
       switch(fork())
       {
       case 0:
           pause();
           exit(0);
       case -1:
           fprintf(stderr, "Can't fork any more after %lu processes\n", count);
           kill(-1, 9);
           exit(0);
       default:
           count++;
           break;
       }
   }
}
# gcc -o xxx xxx.c
# ./xxx
Can't fork any more after 255 processes

Cheers,
Dick Johnson

Penguin : Linux version 2.2.15 on an i686 machine (797.90 BogoMips).

"Memory is like gasoline. You use it up when you are running. Of
course you get it all back when you reboot..."; Actual explanation
obtained from the Micro$oft help desk.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sat Oct 07 2000 - 21:00:14 EST