[Exim] What to do about non-monitonic process ids

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: exim-users
Subject: [Exim] What to do about non-monitonic process ids
Folks, I need some feedback.

It has been brought to my attention that the long-established Unix
tradition of allocating process ID numbers sequentially, and wrapping
around at some limit (usually 32767) is breaking down. OpenBSD
apparently no longer does this. It is argued that making the "next"
process id unpredictable improves security.

The problem is that Exim, along with a lot of other software, assumes
that the same process id will never be re-used within one second. This
assumption is used in Exim in two places: (i) in constructing message
ids; and (ii) in constructing unique file names, for maildir in
particular. (The original maildir "rules" suggested doing it this way.)

I was going to post some ideas for discussion here, but it got rather
long, so instead I have put them in a file at

http://cus.cam.ac.uk/~ph10/exim-pid-message

Feedback is invited. I guess it's best on the list so everybody can see
the discussion (if one ensues).

Philip

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.