Re: kern.randompid

From: Kris Kennaway (kris@obsecurity.org)
Date: 07/12/01

• Next message: Ryan: "Re: FreeBSD 4.3 local root PREVENTIONS"
• Previous message: Fernando Gleiser: "RE: FreeBSD 4.3 local root PREVENTIONS"
• In reply to: rich@rdrose.org: "Re: kern.randompid"
• Next in thread: alexus: "sysctl"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 12 Jul 2001 12:51:18 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: rich@rdrose.org

On Thu, Jul 12, 2001 at 08:24:28PM +0100, rich@rdrose.org wrote:
> On Thu, 12 Jul 2001, Peter Pentchev wrote:
> > The kern.randompid sysctl is not a boolean flag, but an estimate
> > of the random value that will be added to each newly created pid.
>
> Oh. That would make much more sense as to why it's not working. Having
> been using OpenBSD though (where the pids can be anything between about 30
> and 32760), just adding a random amount between 1 and kern.randompid seems
> not very random really. Please do correct me if this is wrong.

It's a slight generalization of the algorithm which OpenBSD use (they
use a hard-wired maximum value for the random PID skip). If you set
the sysctl to whatever value they use, it works identically.

> The comments in the code say "Using a modulus that is too big causes a LOT
> more process table scans". What is "too big"? I had a quick peer at
> kern_fork.c, and pidchecked is mentioned a lot, but nothing lept out at me
> saying "which would make <foo> too big".

I believe the comment means "the larger the number the more work the
kernel needs to do to generate each new process ID"

Kris

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• application/pgp-signature attachment: stored

• Next message: Ryan: "Re: FreeBSD 4.3 local root PREVENTIONS"
• Previous message: Fernando Gleiser: "RE: FreeBSD 4.3 local root PREVENTIONS"
• In reply to: rich@rdrose.org: "Re: kern.randompid"
• Next in thread: alexus: "sysctl"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: kern.randompid ... On Thu, 12 Jul 2001, Peter Pentchev wrote: ... > The kern.randompid sysctl is not a boolean flag, ... > of the random value that will be added to each newly created pid. ... (FreeBSD-Security) Re: Someone help me understand this...? ... > OpenBSD does not consider a process 'tainted' if it changes credentials ... In OpenBSD, two flags are used to represent the credential change notion: ... Regarding specific signals: ... and you're using a stale pid. ... (freebsd-current) Re: [UPDATE] new pid allocation patch ... >> John Baldwin's proc lock commit today made my patch broken, ... >> The revised patch has been improved based on the feedback. ... Added a new sysctl value kern.pidmax to control the current pid ... (freebsd-current) Re: Is fork() hook ever possible? ... child's pid is needed. ... Currently OpenBSD does almost that checking getpid() every time ... the child? ... Calling getpidas OpenBSD ... (freebsd-current) [PATCH] Stackgap ... You can find an implementation of stackgap from OpenBSD at http:// ... You can control the range of the random stack gap with the ... kern.stackgap_random sysctl. ... (freebsd-arch)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint