From owner-freebsd-bugs Tue Nov 10 19:40:28 1998
To: freebsd-bugs@FreeBSD.ORG
Subject: Re: kern/8570: patch for randomised process id allocation
References: <199811040526.XAA15378@diginix.net>
From: Dave Marquardt
Date: 10 Nov 1998 21:39:19 -0600
In-Reply-To: root@diginix.net's message of "Tue, 3 Nov 1998 23:26:00 -0600 (CST)"
Message-ID: <85af1yhp94.fsf@localhost.zilker.net>

root@diginix.net writes:
> The incremental nature of current process id allocation can lend
> itself to a number of potentially serious security problems. This
> patch allocates a pid using the kernel's random() function in
> libkern. It is nearly the same as OpenBSD's equivalent, only
> difference being that obsd uses the arc4random() PRNG.

Wow! How much pathlength does this patch add to fork()? Sounds like a
lot to me. I agree with David Greenman--justify this in a big way
before you add all this extra pathlength to fork().

-Dave