Date: Wed, 01 Dec 1999 23:19:55 +0800 From: Peter Wemm <peter@netplex.com.au> To: Sheldon Hearn <sheldonh@uunet.co.za> Cc: arch@freebsd.org, "Jordan K. Hubbard" <jkh@zippy.cdrom.com>, Matthew Dillon <dillon@apollo.backplane.com>, billf@freebsd.org Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h Message-ID: <19991201151955.CA04B1CA0@overcee.netplex.com.au> In-Reply-To: Message from Sheldon Hearn <sheldonh@uunet.co.za> of "Wed, 01 Dec 1999 10:31:34 %2B0200." <50754.944037094@axl.noc.iafrica.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Sheldon Hearn wrote: > > > On Mon, 29 Nov 1999, Jordan K. Hubbard wrote: > > > Not being able to predict pids (for useful purposes) would fall under > > the definition of "negative impact" for a number of admins. > > Doesn't the new behaviour come with a sysctl knob (off by default) for > controlling it? If so, what's all the fuss? At the risk of continuing the debate, what I would prefer would be a sysctl to define the range of a random increment to the nextpid, so there is an element of randomness still but you're going to get a steadily increasing set of pid's still. So, sysctl -w kern.randompid=1000 would get you an increment of between 1 and 1000 for each new process. You still end up with some randomness, but you still get increasing pids. The sysctl would accept a value between 0 (present behavior) and PID_MAX - 100. (I've added a wraparound and protected the pid's less than 100 like before). Using totally random pid's where the nextpid could be anywhere from 0 through 100000 means that the pidchecked code is getting very heavily excercised. That's a *lot* of list walking. Suggested patch at: http://overcee.netplex.com.au/~peter/randompid.diff A quick example where a process forks 5 children and prints the pid's: peter@t8000[11:16pm]-107> ./pid 0: child pid 242 1: child pid 243 2: child pid 244 3: child pid 245 4: child pid 246 root@t8000:[11:16pm]-100# sysctl -w kern.randompid=100 0 -> 100 peter@t8000[11:16pm]-108> ./pid 0: child pid 427 1: child pid 524 2: child pid 571 3: child pid 623 4: child pid 664 1000 or 10000 would be better for the more paranoid. Cheers, -Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991201151955.CA04B1CA0>