Subject: Re: Random PID's
To: Jared D. McNeill <jmcneill@invisible.yi.org>
From: Jason R Thorpe <thorpej@zembu.com>
List: current-users
Date: 11/06/2000 12:01:50

On Mon, Nov 06, 2000 at 03:30:34PM -0400, Jared D. McNeill wrote:

 > I've seen programs use their PID to write files to /tmp before (I can't
 > remember any off-hand), I guess this makes things just a little bit harder
 > for people to exploit that. At risk of being flamed, I have to admit that
 > I do like some of the OpenBSD features such as this one. There isn't much
 > overhead, and every little bit helps I guess.

There have been at least a few criticisms of this "feature" I've seen
around (check the BUGTRAQ archives), and they all point out that this
"feature" doesn't buy you much.  If the program is written safely in the
first place, sequential PIDs are perfectly fine.  There is a penalty for
using random PIDs, especially on slower platforms (this includes modern
embedded CPUs!), and considering what little it buys you, that overhead
isn't really worth it.

-- 
        -- Jason R. Thorpe <thorpej@zembu.com>
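
The argument above, that a safely written program does not depend on its PID being unguessable, shown as an added example (not part of the original message or of any NetBSD or OpenBSD code). The function names, the `app.<pid>` naming scheme and the `/tmp/pidtmp.XXXXXX` scratch directory are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Guessable name of the kind discussed in the thread: <dir>/app.<pid> */
static void pid_path(char *out, size_t n, const char *dir) {
    snprintf(out, n, "%s/app.%ld", dir, (long)getpid());
}

/* Unsafe: reuses whatever already sits at the path and follows symlinks. */
int open_tmp_unsafe(const char *dir) {
    char p[512];
    pid_path(p, sizeof p, dir);
    return open(p, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Safe despite the guessable name: O_CREAT|O_EXCL fails with EEXIST if any
 * entry (file or symlink) already exists, so a planted one is never opened. */
int open_tmp_excl(const char *dir) {
    char p[512];
    pid_path(p, sizeof p, dir);
    return open(p, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Constructed scenario in a private scratch directory: a symlink already sits
 * at the PID-derived path. Returns a bitmask: 1 = O_EXCL refused it,
 * 2 = mkstemp() created a fresh file, 4 = the unsafe open emptied the target. */
int demo(void) {
    char dir[] = "/tmp/pidtmp.XXXXXX", target[512], lnk[512], name[512];
    struct stat st;
    int r = 0, fd;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(name, sizeof name, "%s/app.XXXXXX", dir);
    pid_path(lnk, sizeof lnk, dir);
    if ((fd = open(target, O_WRONLY | O_CREAT, 0600)) < 0) return -1;
    if (write(fd, "data", 4) != 4 || close(fd) || symlink(target, lnk)) return -1;
    if (open_tmp_excl(dir) < 0 && errno == EEXIST) r |= 1;
    if ((fd = mkstemp(name)) >= 0) { r |= 2; close(fd); unlink(name); }
    if ((fd = open_tmp_unsafe(dir)) >= 0) close(fd);
    if (stat(target, &st) == 0 && st.st_size == 0) r |= 4;
    unlink(lnk); unlink(target); rmdir(dir);
    return r;
}

int main(void) { printf("result mask: %d\n", demo()); return 0; }
```

With exclusive creation or `mkstemp()`, the outcome is the same whether the PID in the file name is sequential or random; only the `O_TRUNC` variant is affected by a pre-existing entry.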