Subject: Re: rpc xid randomness
To: David Laight <>
From: Steven M. Bellovin <>
List: tech-security
Date: 09/07/2003 16:53:30
In message <>, David Laight writes:
>> 	why are we using (poorly-designed) pseudorandom number instead of
>> 	sequential number right now?
>I suspect because seqential xids get confused when a system reboots
>and immediately starts again the the same point.
>date ones are a problem if more that one has to be allocated in the
>same tick.

The obvious solution there is to use a counter that's initialized from 
the clock at reboot time.  We can't reboot in less than a tick...

		--Steve Bellovin,