Subject: Re: rpc xid randomness
To: None <tech-security@NetBSD.org, tech-userlevel@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-security
Date: 09/07/2003 17:00:35
>> date ones are a problem if more that one has to be allocated in the
>> same tick.
> The obvious solution there is to use a counter that's initialized
> from the clock at reboot time.  We can't reboot in less than a
> tick...

No, but if more than one xid per tick is needed over the long term, the
xids will get ahead of the clock, and then on reboot it will start
reusing xids that were used recently.

How plausible it is to demand more than one xid per tick over the long
term is a question that depends on way too many things for me to take
more than wild stabs at it.  My guess would be that most systems won't
but that some will.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B