From: Tomas Szepe <szepe@pinerecords.com>
To: "Heusden van, FJJ (Folkert)" <F.J.J.Heusden@rn.rabobank.nl>
Cc: Roy Sigurd Karlsbakk <roy@karlsbakk.net>,
Linux Kernel Development <linux-kernel@vger.kernel.org>
Subject: Re: random PID patch
Date: Mon, 11 Nov 2002 11:17:57 +0100
Message-ID: <20021111101757.GB285@louise.pinerecords.com>
In-Reply-To: <11D18E6D1073547-1319@_rabobank.nl_>

> > I've ported my random-PID-patch from 2.2.19 to 2.4.19.
> > It should be downloadable from
> > http://www.vanheusden.com/Linux/fp-2.4.19.patch.gz
> > (or follow the link from
> > http://www.vanheusden.com/Linux/kernel_patches.php3 )
> RSK> hm
> RSK> what's the point of random PIDs?
>
> Sometimes, (well; frequently) programs that create temporary
> files let the filename depend on their PID. A hacker could use
> that knowledge. So if you know that the application that
> you're starting uses the last PID+1, you could make sure that
> that file already exists or create a symlink with that name or
> whatsoever causing the application you're starting to do
> things it's not supposed to. Like forcing suid apps to create
> a file in the startup-scripts dir. or something.

How about I create 2^15 symlinks then?
Really, the only true solution to this problem is to fix the apps.
--
Tomas Szepe <szepe@pinerecords.com>
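
An added illustration of the application-side fix this message argues for (not code from the patch or from anyone in the thread): a PID-derived temp file opened the way the quoted text describes, next to exclusive creation and mkstemp(). The `app.<pid>` name, the function names and the `/tmp/pidtmp.XXXXXX` scratch directory are hypothetical, and the symlink scenario is constructed inside a private directory.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern described in the thread: name built from the PID, plain open().
 * O_CREAT without O_EXCL follows a symlink already placed at that name. */
int open_pid_named(const char *dir) {
    char path[256];
    snprintf(path, sizeof path, "%s/app.%ld", dir, (long)getpid());
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Same predictable name, exclusive creation: fails with EEXIST if a file
 * or symlink is already there, however the name was guessed. */
int open_pid_named_excl(const char *dir) {
    char path[256];
    snprintf(path, sizeof path, "%s/app.%ld", dir, (long)getpid());
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* mkstemp() picks the name itself and creates it O_EXCL with mode 0600. */
int open_mkstemp(const char *dir) {
    char path[256];
    snprintf(path, sizeof path, "%s/app.XXXXXX", dir);
    int fd = mkstemp(path);
    if (fd >= 0) unlink(path);   /* anonymous scratch file; fd stays valid */
    return fd;
}

/* Constructed scenario in a private scratch directory: a symlink sits at the
 * PID-derived name and points at "target". Returns the bytes that ended up
 * in target, -1 if the opener refused, -2 on setup failure. */
long bytes_redirected(int (*opener)(const char *)) {
    char dir[] = "/tmp/pidtmp.XXXXXX", target[64], lnk[64];
    struct stat st = {0};
    if (!mkdtemp(dir)) return -2;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(lnk, sizeof lnk, "%s/app.%ld", dir, (long)getpid());
    int t = open(target, O_WRONLY | O_CREAT, 0600);
    if (t < 0 || close(t) || symlink(target, lnk)) return -2;
    int fd = opener(dir);
    long wrote = (fd >= 0 && write(fd, "data", 4) == 4) ? 4 : -1;
    if (fd >= 0) close(fd);
    stat(target, &st); unlink(lnk); unlink(target); rmdir(dir);
    return wrote < 0 ? -1 : (long)st.st_size;
}
```

Calling `bytes_redirected()` with each opener shows that only the plain open() lets the write land in the link's target; neither hardened form depends on the PID being hard to guess.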