kern/50644: filemon(4) doesn't detect pid re-use

[paul%whooppee.com@localhost]

>Number:         50644
>Category:       kern
>Synopsis:       filemon(4) doesn't detect pid re-use
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jan 11 02:15:00 +0000 2016
>Originator:     Paul Goyette
>Release:        NetBSD 7.99.25
>Organization:
+------------------+--------------------------+------------------------+
| Paul Goyette     | PGP Key fingerprint:     | E-mail addresses:      |
| (Retired)        | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com   |
| Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd.org |
+------------------+--------------------------+------------------------+
>Environment:
	
	
System: NetBSD pokey.whooppee.com 7.99.25 NetBSD 7.99.25 (POKEY 2015-12-23 05:05:48) #9: Wed Dec 23 15:10:44 PHT 2015 paul%pokey.whooppee.com@localhost:/build/netbsd-local/obj/amd64/sys/arch/amd64/compile/POKEY amd64
Architecture: x86_64
Machine: amd64
>Description:
	filemon(4) does not detect that a monitored process's pid
	can be re-used by a new, unrelated process.  As a result,
	filemon will monitor the events of the (new) process and
	all of its descendants without making any authentication
	checks.
	
>How-To-Repeat:
	Start filemon(4) for a given target.  Let that process
	exit (or terminate it via a signal).  Create significant
	process churn (creation/exit) until the original process's
	pid gets reused.
	
>Fix:
	Unknown.  filemon(4) needs to be totally reworked.
	

>Unformatted: