On 2015-05-27 14:29, Kenneth Gober wrote:
On Wed, May 27, 2015 at 5:18 AM, Simon <openbsd.li...@whitewinterwolf.com> wrote:
So do you confirm that random PID is actually not a security measure?
It is often presented as is, but it would not be the first time that some
wrong rumors get widespread enough to become accepted as a truth by most
people.
language isn't an exact thing. words can mean different things to different
people, or different things to the same people in different contexts.
I would consider PID randomization to be a security "measure", although
I would not consider it a "solution" or "fix" to the problem it addresses.
rather, it is a "mitigation" that reduces the severity of a problem without
actually fixing it.
whether you think of it as a security "measure" depends on whether you
define a "measure" as a "fix", or a "mitigation", or as either/both.
where we get into trouble is when people mistake it for a "fix" and believe
that they no longer need to worry about this problem. that is false.
-ken
I agree with you, Ken. I see PID randomization like stack protection for
instance: in the best world a software should have no bug and should not
be vulnerable to any buffer overflow, however in a real world there is
still vulnerable software around and here such protection may help.
The same principle also applies for PID generation method: normally it
should not even matter if PID were sequential, fully random or
pseudo-random, but the reality is that there are still bugs around and
still vulnerable software around, and that the OS may implement systems
mitigating such risks.