From: "Heusden, Folkert van" <f.v.heusden@ftr.nl>
To: Linux Kernel Development <linux-kernel@vger.kernel.org>, ahu@ds9a.nl
Subject: Re: random PID generation
Date: Fri, 23 Feb 2001 14:20:27 +0100 [thread overview]
Message-ID: <27525795B28BD311B28D00500481B7601F0EF4@ftrs1.intranet.ftr.nl> (raw)
>> I wrote a patch against 2.2.18 and 2.4.1 to have the kernel generate
>> random PIDs. You can find it at http://vanheusden.com/Linux/security.php3
>> (amongst other patches). Beware: pretty much experimental and likely to
>> make your linux-pc perform like a win95 platform.
> Well - I'm not sure that this is a good idea. When PIDs increase
> monotonically, chances are very small that the race condition implicit in
> sending any signal to a process results in killing the wrong process (ie,
a
> new process, but with the same PID) - you'd need to zoom through 32000
PIDs
> in a very short time to make this happen.
> With truly random PIDs, there is a much larger chance of a new process
> sitting on a recently used PID.
My code runs trough the whole task_list to see if a chosen pid is already
in use or not.
> What would work is to have cryptographically randomly generated PIDs which
> would then guarantee not to return a previously returned number within
32000
> tries, and also not be predictable - there must be algoritms out there
which
> do this.
That's also an option!
But for simplicity-sake, I used the get_random_bytes() function (from
the /dev/random-device) combined with a loop. It's a simplistic hack, but
it'll work for my paranoia mind :o)
Greetings,
Folkert van Heusden
next reply other threads:[~2001-02-23 13:12 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-02-23 13:20 Heusden, Folkert van [this message]
2001-02-23 14:18 ` random PID generation bert hubert
-- strict thread matches above, loose matches on Subject: below --
2001-02-27 10:35 Heusden, Folkert van
2001-02-23 15:34 Heusden, Folkert van
2001-02-23 15:40 ` Matt Johnston
2001-02-23 17:14 ` Sean Hunter
2001-02-23 17:50 ` Richard B. Johnson
2001-02-22 15:35 Heusden, Folkert van
2001-02-22 22:24 ` bert hubert
2001-02-22 21:42 ` H. Peter Anvin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=27525795B28BD311B28D00500481B7601F0EF4@ftrs1.intranet.ftr.nl \
--to=f.v.heusden@ftr.nl \
--cc=ahu@ds9a.nl \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).