On Fri, Sep 29, 2000 at 11:44:42PM +0200, Andries Brouwer wrote:
> There are a few weaknesses that can be exploited using a wraparound.
> With 100 processes/sec that takes 497 days with a 32-bit pid
> and 5 minutes with a 16-bit pid.
Surely the estimate of 100 forks/sec is low. I get 83 forks/sec on
a 486-75 and a Python program, just as an estimate. Besides,
vulnerabilities due to PID wrap should just plain get fixed, if only
because ports to a "lesser" unix might be made.
31- or 32-bit PIDs might be a convenience, but they don't furnish security
against wraparound attacks, they just make them take a little longer to
exploit.
Jeff
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
