Date:      Mon, 29 Nov 1999 14:39:46 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        Kris Kennaway <kris@hub.freebsd.org>
Cc:        Dan Moschuk <dan@FreeBSD.ORG>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject:   Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h
Message-ID:  <199911292239.OAA11977@apollo.backplane.com>
References:   <Pine.BSF.4.21.9911291431310.19254-100000@hub.freebsd.org>


:>     to increment when I look at 'ps' and 'jobs -l' output just as a 
:>     double check, and I'm sure other people do too.
:
:The big thing which randomized pids gives you is protection against
:tempfile guessing (e.g. /tmp/foo<pid>). We can't fix all of those bugs
:because they exist in a lot of third party code, including code without
:source.
:
:Kris

    Not really.  Example:  fork/exec an suid program.  You now know what
    the pid is (the return value of the fork).  There is no need to guess,
    and a randomized pid won't help you.  In fact, you can TSTP the program
    relatively easily since you are probably still the controlling terminal.
    You can effectively exploit the window even without TSTPing or STOPing
    the program.

    The only time a randomized pid would help you is with historical 
    cron root-run code.  But all of those holes have been fixed (we believe).

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>
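
Added example, not part of the original message: a C sketch of the point argued above, showing that a parent learns the `<prefix><pid>` temp-file name straight from fork()'s return value, and that what stops reuse of a pre-existing path is O_EXCL at creation time rather than the pid. The prefix `/tmp/foo_demo` and the function names are constructed for illustration, and the O_EXCL comparison is the standard mitigation, not something stated in the thread.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define PREFIX "/tmp/foo_demo" /* constructed stand-in for /tmp/foo<pid> */

static void tmp_name(char *buf, size_t n, pid_t pid) {
    snprintf(buf, n, PREFIX "%ld", (long)pid);
}

/* 1 if the parent, from fork()'s return value alone, derives the same
 * name the child derives from getpid(): nothing has to be guessed. */
int parent_predicts_child_name(void) {
    int p[2];
    pid_t pid;
    char child[64] = {0}, parent[64];
    if (pipe(p) != 0 || (pid = fork()) < 0) return -1;
    if (pid == 0) { /* child: stands in for the program creating the file */
        tmp_name(child, sizeof child, getpid());
        _exit(write(p[1], child, strlen(child) + 1) < 0);
    }
    close(p[1]);
    tmp_name(parent, sizeof parent, pid);
    ssize_t r = read(p[0], child, sizeof child - 1);
    close(p[0]);
    waitpid(pid, NULL, 0);
    return r > 0 && strcmp(parent, child) == 0;
}

/* 1 if open() with `extra` accepts a path that already exists. O_TRUNC is
 * the weak form; O_EXCL fails with EEXIST, also when the path is a symlink. */
int reuses_existing(int extra) {
    char name[64];
    tmp_name(name, sizeof name, getpid());
    int pre = open(name, O_WRONLY | O_CREAT, 0600); /* already there */
    int fd = open(name, O_WRONLY | O_CREAT | extra, 0600);
    if (pre >= 0) close(pre);
    if (fd >= 0) close(fd);
    unlink(name);
    return fd >= 0;
}

int main(void) {
    printf("name known from fork(): %d\n", parent_predicts_child_name());
    printf("O_TRUNC accepts existing path: %d\n", reuses_existing(O_TRUNC));
    printf("O_EXCL accepts existing path:  %d\n", reuses_existing(O_EXCL));
    return 0;
}
```

mkstemp() combines O_EXCL creation with a name that does not depend on the pid, which is the usual replacement for the `<prefix><pid>` scheme.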






