From: Xin LI
Date: Tue, 02 Feb 2010 10:34:01 -0800
To: freebsd-security@freebsd.org
Subject: Re: kern.randompid sysctl value

Hi, Jordi,

On 2010/02/02 03:09, Jordi Espasa Clofent wrote:
> Hi,
>
> 1. What's the real value (in terms of security) of the random PIDs
> feature?
>
> According to this book
>
> http://books.google.es/books?id=gqKwaHmXp4YC&pg=PA50&lpg=PA50&dq=random+pids+security&source=bl&ots=jimAeOQK2Q&sig=WrsBiMAxU-lUCM3pdCjtIYfmiIo&hl=es&ei=OwVoS4nwGMeOjAek5ZCvCQ&sa=X&oi=book_result&ct=result&resnum=9&ved=0CCsQ6AEwCA#v=onepage&q=random%20pids%20security&f=false
>
> I understand that the random PIDs will be a good security measure against
> some exploits (the book says "race conditions"). OpenBSD folks (focused on
> security) have the random PIDs by default, so
>
> why doesn't FreeBSD use it by default?

Hmm... My personal impression is that random PID won't help much, and
management scripts may expect the PID won't be recycled too early, say,
on a busy server. If PIDs are allocated sequentially, we can expect a long
time before one given PID will be used; with randomized allocation, we
can never tell, since it is expensive to have the kernel tell whether the
PID is being used, say, 1000 processes before.

> 2. What will be a real secure value for the sysctl parameter? I mean
> 'kern.randompid' isn't a boolean, but a large number which determines
> the numeric range to generate the random PIDs. 1000, 10000, 100000?

It's a modulus number. The kernel will adjust it for you if you specify
too large a number, e.g. 100k.

> Thanks in advance for clarifications.
>
> PS. I've read this old post
> http://marc.info/?l=freebsd-security&m=99495048923300&w=2.

Interesting. I think Peter's reply still applies...

Cheers,
--
Xin LI http://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
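
The recycling concern raised in the reply above can be put in numbers with a small simulation. This is an added example, not part of the original message and not FreeBSD kernel code; the PID range, the `LIVE` process lifetime, the fixed-seed PRNG and the `1 + rand % modulus` step are all assumptions of the model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model parameters: assumptions of this example, not kernel values. */
#define PID_MIN 2
#define PID_MAX 99999
#define SPACE   (PID_MAX - PID_MIN + 1)
#define LIVE    100     /* a process exits once 100 later forks have happened */

static uint32_t rng_state;

/* xorshift32 with a fixed seed, so every run gives the same numbers. */
static uint32_t next_rand(void)
{
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

/*
 * Simulate `forks` process creations; return the smallest number of forks
 * between two uses of the same PID (0 if none was reused). modulus == 0 is
 * sequential allocation; modulus > 0 adds rand % modulus to each step.
 */
long min_reuse_distance(uint32_t modulus, long forks)
{
    static long last_used[SPACE];   /* fork number of last use; 0 = never */
    long off = 0, best = 0;         /* off is the PID minus PID_MIN */

    memset(last_used, 0, sizeof(last_used));
    rng_state = 2463534242u;
    for (long n = 1; n <= forks; n++) {
        off = (off + 1 + (modulus ? next_rand() % modulus : 0)) % SPACE;
        /* Skip PIDs whose process is still alive. */
        while (last_used[off] != 0 && n - last_used[off] <= LIVE)
            off = (off + 1) % SPACE;
        if (last_used[off] != 0 && (best == 0 || n - last_used[off] < best))
            best = n - last_used[off];
        last_used[off] = n;
    }
    return best;
}

int main(void)
{
    printf("sequential:   %ld forks\n", min_reuse_distance(0, 500000));
    printf("modulus 1000: %ld forks\n", min_reuse_distance(1000, 500000));
}
```

In this model sequential allocation reuses a PID only after a full pass over the PID space, while a modulus of 1000 completes a pass in about 200 forks on average, so a freed PID can come back after only a few hundred forks.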