>         1. The pid space is small (2^16 generally), so instead of targeting
>            a specific pid all the attacker has to do is target them all. This
>            is by no means hard on any modern system. Even increasing the pid
>            space to 2^32 won't increase the overall work required beyond
>            anything a modern system can't perform.

What about a way of disabling symlinks on a mounted partition altogether?
Or will this break too many programs to be useful?

Jared