I have just compiled a 2.6.19.2 kernel with grsecurity 2.1.10.
however, process ids are NOT randomized! in the kernel config menu, there is no option to change this, too.
what am I doing wrong? does this depend on other kernel features, and which?
thanks,
- Dave.
pids not randomized
4 posts
• Page 1 of 1
pids not randomized
by mr.fox » Sun May 20, 2007 2:26 pm
- mr.fox
- Posts: 2
- Joined: Sun May 20, 2007 2:20 pm
by mr.fox » Sun May 20, 2007 6:41 pm
d'oh! rtfm 
just out of curiosity, why is this suddenly considered to "not provide additional security"? from earlier versions:
"This is extremely effective along
with the /proc restrictions to disallow an attacker from guessing
pids of daemons, etc. PIDs are also used in some cases as part
of a naming system for temporary files, so this option would keep
those filenames from being predicted as well."
thanks.
- Dave
just out of curiosity, why is this suddenly considered to "not provide additional security"? from earlier versions:
"This is extremely effective along
with the /proc restrictions to disallow an attacker from guessing
pids of daemons, etc. PIDs are also used in some cases as part
of a naming system for temporary files, so this option would keep
those filenames from being predicted as well."
thanks.
- Dave
- mr.fox
- Posts: 2
- Joined: Sun May 20, 2007 2:20 pm
4 posts
• Page 1 of 1