If PIDs are increased sequentially, unrelated programs can use the rate
of process creation as a »covert channel« for (low-bandwidth)
communication. Randomised PIDs prevent that.
Posted Nov 20, 2009 12:28 UTC (Fri) by quotemstr (subscriber, #45331)
Posted Nov 20, 2009 12:43 UTC (Fri) by anselm (subscriber, #2796)
Maybe. Off the top of my head, the problems with that might be that
The main difference is that with sequentially numbered PIDs, the receiver
of the covert channel only needs to fork(2) periodically and look at the
returned child PID to find out how many processes have been created in the
meantime; it does not need to be able to find out how many processes are
running on the system, let alone be able to find out how many child
processes another process has (when a suitably hardened system may
prevent it from finding out any details about that process at all, which
is why the covert channel is necessary to begin with).
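An added example, not part of the comments above: a C check of whether the local system hands out PIDs sequentially, which is the property the comments say makes process-creation counts observable through fork(2). The function names, the 16-sample count, the 64-step threshold and the 32768 fallback for pid_max are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* PIDs handed out between two observations under a sequential allocator.
 * Approximate across a wrap at pid_max (the kernel skips low reserved PIDs). */
long pid_delta(long prev, long cur, long pid_max)
{
    return cur > prev ? cur - prev : cur + pid_max - prev;
}

/* Fork a child that exits at once, reap it, return its PID (-1 on error). */
long sample_pid(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0)
        _exit(0);
    waitpid(pid, NULL, 0);
    return (long)pid;
}

/* 1 if every consecutive pair of samples is a small forward step, meaning
 * the allocator is sequential and fork counts are visible to any process;
 * 0 if any step is large, as expected with randomised PIDs. */
int looks_sequential(const long *pids, int n, long pid_max, long max_step)
{
    for (int i = 1; i < n; i++)
        if (pid_delta(pids[i - 1], pids[i], pid_max) > max_step)
            return 0;
    return n > 1;
}

int main(void)
{
    long pids[16], pid_max = 32768;  /* assumed fallback if /proc is unreadable */
    FILE *f = fopen("/proc/sys/kernel/pid_max", "r");
    if (f) {
        if (fscanf(f, "%ld", &pid_max) != 1)
            pid_max = 32768;
        fclose(f);
    }
    for (int i = 0; i < 16; i++)
        if ((pids[i] = sample_pid()) < 0) { perror("fork"); return 1; }
    printf("PID allocation looks %s\n",
           looks_sequential(pids, 16, pid_max, 64) ? "sequential" : "non-sequential");
    return 0;
}
```

On a busy machine the step threshold may need raising, since unrelated process creation between samples widens the gaps even when allocation is sequential.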
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds