Re: random PID generation

From: bert hubert (ahu@ds9a.nl)
Date: Thu Feb 22 2001 - 17:24:23 EST


On Thu, Feb 22, 2001 at 04:35:35PM +0100, Heusden, Folkert van wrote:
> Hi,

Hi Folkert!

> I wrote a patch against 2.2.18 and 2.4.1 to have the kernel generate
> random PIDs. You can find it at http://vanheusden.com/Linux/security.php3
> (amongst other patches). Beware: pretty much experimental and likely to
> make your linux-pc perform like a win95 platform.

Well - I'm not sure that this is a good idea. When PIDs increase
monotonically, chances are very small that the race condition implicit in
sending any signal to a process results in killing the wrong process (ie, a
new process, but with the same PID) - you'd need to zoom through 32000 PIDs
in a very short time to make this happen.

With truly random PIDs, there is a much larger chance of a new process
sitting on a recently used PID.

What would work is to have cryptographically randomly generated PIDs which
would then guarantee not to return a previously returned number within 32000
tries, and also not be predictable - there must be algoritms out there which
do this.

Regards,

bert

-- 
http://www.PowerDNS.com      Versatile DNS Services  
Trilab                       The Technology People   
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Fri Feb 23 2001 - 21:00:28 EST