Full Disclosure mailing list archives

Re: Attacks based on predictable process IDs??

From: Dirk Mueller <dmuell () gmx net>
Date: Thu, 27 Nov 2003 14:17:04 +0100

On Thursday 27 November 2003 09:26, Wojciech Purczynski wrote:

15 bits of randomness isn't sufficient to prevent guessing its value.


current linux kernels provide more than 15bit pids ( I think its 30 or 
31bits). Not much more, but it makes it slightly more difficult. 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Attacks based on predictable process IDs?? Brett Hutley (Nov 25)
- Re: Attacks based on predictable process IDs?? Christopher Allene (Nov 25)
  - Re: Attacks based on predictable process IDs?? Brett Hutley (Nov 25)
- Re: Attacks based on predictable process IDs?? Jirka Kosina (Nov 26)
  - Re: Attacks based on predictable process IDs?? Wojciech Purczynski (Nov 27)
    - Re: Attacks based on predictable process IDs?? Dirk Mueller (Nov 27)
    - Re: Attacks based on predictable process IDs?? Thomas Preissler (Nov 27)
    - Re: Attacks based on predictable process IDs?? Wojciech Purczynski (Nov 28)
    - Re: Attacks based on predictable process IDs?? Luis Bruno (Nov 28)
- Re: Attacks based on predictable process IDs?? Ron DuFresne (Nov 26)
- Re: Attacks based on predictable process IDs?? Brett Hutley (Nov 27)