Random-PIDS

Discuss and suggest new grsecurity features

Random-PIDS

Postby dermike » Tue Mar 05, 2002 9:04 pm

Was just wondering if anyone has managed to get random pids to take effect with the initial tasks (such as init, keventd, kswapd, kupdated, bdflush...etc)?

For example, a sample from my current process list:
root 1 0 0 Mar04 ? 00:00:04 init
root 2 1 0 Mar04 ? 00:00:01 [keventd]
root 3 1 0 Mar04 ? 00:11:30 [kapm-idled]
root 4 0 0 Mar04 ? 00:00:00 [ksoftirqd_CPU0]
root 5 0 0 Mar04 ? 00:00:09 [kswapd]
root 6 0 0 Mar04 ? 00:00:00 [bdflush]
root 7 0 0 Mar04 ? 00:00:01 [kupdated]
root 8 1 0 Mar04 ? 00:00:00 [khubd]
root 9 1 0 Mar04 ? 00:00:00 [kjournald]
root 27442 1 0 Mar04 ? 00:00:00 [kjournald]
root 26101 1 0 Mar04 ? 00:00:01 [kjournald]
root 16067 1 0 Mar04 ? 00:00:00 /usr/sbin/syslog-ng
root 6981 1 0 Mar04 ? 00:00:00 /usr/sbin/klogd -c 3

Not knowing the PIDs for these would add some additional security through obscurity.

Just asking before I duplicate any effort in trying to enable this.

Thanks
Mike
dermike
 
Posts: 6
Joined: Mon Mar 04, 2002 6:56 pm

re:

Postby spender » Tue Mar 05, 2002 9:08 pm

the initial processes are different than regular processes. Those are kernel threads, and do not use regular pid handing code. It's not necessary that grsecurity randomize those pids anyway, as the code is really just meant to add greater randomness to programs that use getpid() as a random seed or for writing to /tmp.
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

also

Postby spender » Tue Mar 05, 2002 9:09 pm

also, init's pid always has to be one...the kernel and many programs count on that. swapper (which you don't see) has a pid of 0.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm


Return to grsecurity development

cron