Re: random PID generation

From: Heusden, Folkert van (
Date: Tue Feb 27 2001 - 05:35:57 EST

> I have already written a 2.2 implementation which does not suffer from
> problems.

Yes, someone pointed me at it. To be honest (and with all due respect): I
it to be a bit over-complicated. Like; in my opinion it's only usefull to
absolute random chosen PIDs, or not. Not all those options are needed in my

> It was rejected because Alan Cox (and others) felt it only provided
> security through obscurity.

Yeah, well, yeah. My patch wasn't actually ment to be included in the main-
kernel. I agree with the security-by-obscurity argument altough I think it's
_not ALWAYS_ a bad thing.
What I am trying to say is: I agree that sofware should be written so that
they can't be exploited in one way or another. But since software is written
by humans, it's likely that bugs stay always in. Furthermore; it's always
possible that in the future new exploits are invented which exploit things
the original programmer didn't think of, and also; new libcs might have
security-problems which affect your software. To prevent that your system
gets cracked by some script-kiddie, I found it a good thing to patch the
mainstream-kernel with patches that disable executable stacks, make the
/proc filesystem more restricted, etc. etc. And in my quest for creating a
secure-as-possible system which anticipates on future exploits I found that
using random PIDs is a good thing.
I hope I made myself clear; english is not my native language which makes
this a rather big chalenge.

Folkert van Heusden
[ ]
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Wed Feb 28 2001 - 21:00:13 EST