From owner-freebsd-bugs Wed Nov 4 00:10:02 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA14739 for freebsd-bugs-outgoing; Wed, 4 Nov 1998 00:10:02 -0800 (PST) (envelope-from owner-freebsd-bugs@FreeBSD.ORG) Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA14684 for ; Wed, 4 Nov 1998 00:09:59 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.8/8.8.5) id AAA11147; Wed, 4 Nov 1998 00:10:01 -0800 (PST) Date: Wed, 4 Nov 1998 00:10:01 -0800 (PST) Message-Id: <199811040810.AAA11147@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.ORG From: David Greenman Subject: Re: kern/8570: patch for randomised process id allocation Reply-To: David Greenman Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR kern/8570; it has been noted by GNATS. From: David Greenman To: ncb@attrition.org Cc: FreeBSD-gnats-submit@FreeBSD.ORG Subject: Re: kern/8570: patch for randomised process id allocation Date: Wed, 04 Nov 1998 00:01:06 -0800 > The incremental nature of current process id allocation can lend > itself to a number of potentially serious security problems. This > patch allocates a pid using the kernels random() function in > libkern. It is nearly the same as OpenBSD's equivalent, only > difference being that obsd uses the arc4random() PRNG. Sounds like a serious pessimization to me. You're going to need a lot of justification for the alleged improved security that this brings before I'll buy into it. -DG David Greenman Co-founder/Principal Architect, The FreeBSD Project To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message