Author: Chris Thompson Date: To: exim-users Subject: Re: [Exim] How unique are exim queue msg IDs?
Philip Hazel writes:
> On Fri, 3 Nov 2000, Dave C. wrote:
>
> > I will add a somewhat less exact, but simpler answer. I would
> > reasonably trust the exim spool ID to be unique for each message handle
> > by exim, even in a high-traffic situation. (It might even be possible
> > that it is guaranteed to be unique, but I would reserve the right to
> > make such guarantees to PH10 [The author of exim, in case you werent
> > aware])
>
> I guarantee it, provided that (a) you don't ever set the clock backwards
> and (b) your operating system doesn't re-use a process ID within one
> second. The uniqueness depends on a combination of time and receiving
> process id. Even if time goes backwards, or a process id is re-used
> within one second, you would still need an Exim receiving process to get
> that same re-used id for there to be duplication.
(b) is not as safe as it sounds, in the case of a deliberate attack. Most
Unix systems allocate new pids on the basis of a pointer that is certainly
likely to take a lot longer a second to complete a cycle. But there's
nothing to ensure that Exim's pid is a particularly *new* pid:
sleep (until pid pointer has almost cycled) && exec exim -options
