From owner-freebsd-questions@FreeBSD.ORG Tue May 9 13:25:54 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0569316A41A for ; Tue, 9 May 2006 13:25:54 +0000 (UTC) (envelope-from nvass@teledomenet.gr) Received: from matrix.teledomenet.gr (dns1.teledomenet.gr [213.142.128.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 666DD43D45 for ; Tue, 9 May 2006 13:25:52 +0000 (GMT) (envelope-from nvass@teledomenet.gr) Received: from [192.168.1.71] ([192.168.1.71]) by matrix.teledomenet.gr (8.12.10/8.12.10) with ESMTP id k49DPpEY004408; Tue, 9 May 2006 16:25:51 +0300 From: Nikos Vassiliadis To: freebsd-questions@freebsd.org, nospam@mgedv.net Date: Tue, 9 May 2006 16:22:30 +0300 User-Agent: KMail/1.9.1 References: <000a01c67362$f3d1f3d0$01010101@avalon.lan> In-Reply-To: <000a01c67362$f3d1f3d0$01010101@avalon.lan> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200605091622.30492.nvass@teledomenet.gr> Cc: Subject: Re: kern.randompid: jot generation senseful? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 May 2006 13:25:54 -0000 On Tuesday 09 May 2006 15:20, No@SPAM@mgEDV.net wrote: > [asked on -security before, but no answer, maybe here's more traffic ;-)] > > hi, > > is a random pid generation really a security enhancement? > > if yes, would it make sense to setup something like: > --> sysctl kern.randompid=`jot -r 1 500 2000` > in cron to be executed every X mins/hrs? Isn't kern.randompid a boolean? TRUE or FALSE? > > and finally, what are the recommended minimum (security) > and maximum (performance) values for kern.randompid? It is just on or off. 1 means PIDs are random. 0 means PIDs are sequential. to be exact, everything not being 0, is TRUE. > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org"