On Sun, 16 Jan 2000, Pavel Machek wrote:
> > > Sorry, alan. No. Unix is broken with this part.
> >
> > When you run as root, you run risks and have to be careful.
>
> No. You can't be carefull. Users have full chance to get you in this case.
Then don't run as root if you're that concerned.
> > thing about Unix is that it wraps pids and does _not_ pick random pids. You shouldn't
> > get around to the same pid for at least a reasonable amount of time, unless someone
> > is spawning processes _very_ fast.
>
> But someone probably _is_ spawning processes very fast if they want to
> screw you.
There are a number of generally more useful (to the 'evil' one) things that
can be done. In any case, perhaps coming up w/ a patch to allow for a 64bit PID,
and fixing up everything to use it, while not introducing any new security holes,
and fixing every program in existance that uses a pid will do what you want, but
I don't see much of a payoff for that much work.
> > > But that's wrong. Pavel may have seen you are going to kill his emacs
> > > and may have wrapped pids, killed his emacs himself, and you are now
> > > killing _your_ netscape you've just ran.
> >
> > Erm, too bad that's exactly what _doesn't_ happen under Unix. Your netscape
> > you just started will get a new pid, after the latest one taken. No matter if that
> > process died or not.
>
> I forgot to mention: of course _pavel_ is evil and created/killed just
> enough processes for PIDs to wrap in bad way.
If _pavel_ is evil, and got lucky enough to manage this, chances are
_pavel_ won't be around on that box much longer.
Stephen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jan 23 2000 - 21:00:16 EST