Subject: Re: Random PID's
To: Jason R Thorpe <thorpej@zembu.com>
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
List: current-users
Date: 11/09/2000 12:33:47
> There have been at least a few criticisms of this "feature" I've seen
> around (check the BUGTRAQ archives), and they all point out that this
> "feature" doesn't buy you much.  If the program is written safely in the
> first place, sequential PIDs are perfectly fine.  There is a penalty for
> using random PIDs, especially on slower platforms (this includes modern
> embedded CPUs!), and considering what little it buys you, that overhead
> isn't really worth it.

In order for random pids to actually work as a useful defense against
tmp-filename-guessing attacks, the pid space has to be increased
dramatically.  It would be trivial for an attacker to create *all
possible* temp files as symlinks if there are only 2**15 possible
pids/temp filenames.

Even 32-bit random pids are a bit small for that..  

					- Bill
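
An added example, not part of the original message: the quoted point that a safely written program does not depend on unpredictable PIDs, shown with `open()` flags. The `prog.<pid>` file name, the sandbox directory and the helper names are constructed for illustration; the symlink is planted only inside a private directory made by `mkdtemp()`.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Guessable-name pattern: O_CREAT without O_EXCL follows whatever
 * is already at the path, including a symlink planted in advance. */
static int open_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* O_CREAT|O_EXCL fails with EEXIST if anything (a symlink too, even a
 * dangling one) already exists, so guessing the name gains nothing. */
static int open_safe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Returns a bitmask: 1 = unsafe open wrote through the symlink,
 * 2 = safe open was refused with EEXIST; -1 on setup failure. */
int demo(void) {
    char dir[] = "/tmp/pidtmp-demo-XXXXXX";   /* constructed sandbox */
    char victim[128], tmp[128];
    struct stat st;
    int fd, result = 0;

    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(tmp, sizeof tmp, "%s/prog.%ld", dir, (long)getpid());
    if ((fd = open_safe(victim)) < 0) return -1;  /* empty stand-in file */
    close(fd);
    if (symlink(victim, tmp) != 0) return -1;     /* pre-planted name */

    fd = open_safe(tmp);
    if (fd < 0 && errno == EEXIST) result |= 2;
    if (fd >= 0) close(fd);

    fd = open_unsafe(tmp);
    if (fd >= 0) {
        if (write(fd, "x", 1) == 1 && fstat(fd, &st) == 0) { /* st unused here */ }
        close(fd);
        if (stat(victim, &st) == 0 && st.st_size == 1) result |= 1;
    }
    unlink(tmp); unlink(victim); rmdir(dir);
    return result;
}

int main(void) { printf("result=%d\n", demo()); return 0; }
```

A result of 3 means the non-exclusive open modified the stand-in file through the symlink, while the exclusive open refused the pre-existing name regardless of how the PID was chosen.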