[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Attacks based on predictable process IDs??

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] Attacks based on predictable process IDs??
From: Thomas Preissler <tomjohn@gmx.de>
Date: Thu, 27 Nov 2003 15:04:51 +0100

Hello Dirk,

* Dirk schrieb am 27.11.2003:

> On Thursday 27 November 2003 09:26, Wojciech Purczynski wrote:
> 
> > 15 bits of randomness isn't sufficient to prevent guessing its value.
> 
> current linux kernels provide more than 15bit pids ( I think its 30 or 
> 31bits). Not much more, but it makes it slightly more difficult. 

http://www.kniggit.net/wwol26.html, "Scalability Improvements"

...
The number of PIDs (Process IDs) before wraparound has been bumped
up from 32,000 to 1 billion, [...]
...

Greets,
Tom

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Attacks based on predictable process IDs??
  - From: Wojciech Purczynski <cliph@isec.pl>
- Re: [Full-Disclosure] Attacks based on predictable process IDs??
  - From: Dirk Mueller <dmuell@gmx.net>

Prev by Date: Re: [Full-Disclosure] Attacks based on predictable process IDs??
Next by Date: Re: [Full-Disclosure] Nokia IPSO
Previous by thread: Re: [Full-Disclosure] Attacks based on predictable process IDs??
Next by thread: Re: [Full-Disclosure] Attacks based on predictable process IDs??
Index(es):
- Date
- Thread