Date: Thu, 12 Jul 2001 12:51:18 -0700 From: Kris Kennaway <kris@obsecurity.org> To: rich@rdrose.org Cc: Peter Pentchev <roam@orbitel.bg>, freebsd-security@FreeBSD.ORG Subject: Re: kern.randompid Message-ID: <20010712125117.A6782@xor.obsecurity.org> In-Reply-To: <Pine.LNX.4.21.0107121953090.22325-100000@pkl.net>; from rich@rdrose.org on Thu, Jul 12, 2001 at 08:24:28PM %2B0100 References: <20010712183721.B849@ringworld.oblivion.bg> <Pine.LNX.4.21.0107121953090.22325-100000@pkl.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--PEIAKu/WMn1b1Hv9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 12, 2001 at 08:24:28PM +0100, rich@rdrose.org wrote: > On Thu, 12 Jul 2001, Peter Pentchev wrote: > > The kern.randompid sysctl is not a boolean flag, but an estimate > > of the random value that will be added to each newly created pid. >=20 > Oh. That would make much more sense as to why it's not working. Having > been using OpenBSD though (where the pids can be anything between about 30 > and 32760), just adding a random amount between 1 and kern.randompid seems > not very random really. Please do correct me if this is wrong. It's a slight generalization of the algorithm which OpenBSD use (they use a hard-wired maximum value for the random PID skip). If you set the sysctl to whatever value they use, it works identically. > The comments in the code say "Using a modulus that is too big causes a LOT > more process table scans". What is "too big"? I had a quick peer at > kern_fork.c, and pidchecked is mentioned a lot, but nothing lept out at me > saying "which would make <foo> too big". I believe the comment means "the larger the number the more work the kernel needs to do to generate each new process ID" Kris --PEIAKu/WMn1b1Hv9 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7Tf+0Wry0BWjoQKURAu6QAKCQMyRL9tYI3lZBNVurMfAnBm1kQACcC01O uDbz9vnNc9ZQQtONYQII7jI= =b2qX -----END PGP SIGNATURE----- --PEIAKu/WMn1b1Hv9-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010712125117.A6782>