Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 29 Nov 1999 18:13:23 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        Warner Losh <imp@village.org>
Cc:        cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject:   Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h 
Message-ID:  <199911300213.SAA13910@apollo.backplane.com>
References:  <199911292344.PAA12574@apollo.backplane.com>  <199911292239.OAA11977@apollo.backplane.com> <Pine.BSF.4.21.9911291431310.19254-100000@hub.freebsd.org> <199911292335.QAA97810@harmony.village.org>  <199911300129.SAA98529@harmony.village.org>

next in thread | previous in thread | raw e-mail | index | archive | help

::     publically readable.  You can obtain a list of pid's from that,
::     figure out which one is new, and still win the race.
:: 
::     You see?  Randomizing pid's is *very* weak security.
:
:It increase the amount of work needed to find out the pid in question.
:This reduces the chances of winning the race to create the symbolic
:links.  The sequential pids make this sort of attack trivial.  An

    I don't think this is really increasing the amount of work required.
    Even without /proc all a person has to do is load up 25% or 20% or
    some percentage of links and he can still break root, with or without
    random pids.

    Partial security solutions thus do not necessarily make your system
    security better, they can have the opposite effect as well:  Security
    bugs may not be found quickly enough due to the added obscurity due to
    the partial solution, leaving your doors wide open without you necessarily
    knowing it or leaving you with a false sense of security.

    Given the choice, I prefer a strong solution or at least a medium 
    solution.  A weak solution is useless.

						-Matt



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911300213.SAA13910>