18 events
when what by license comment
May 31, 2025 at 14:32 history edited DannyNiu CC BY-SA 4.0
added 369 characters in body
May 31, 2025 at 14:21 history edited DannyNiu CC BY-SA 4.0
added 165 characters in body
May 31, 2025 at 13:26 comment added Steffen Ullrich Let us continue this discussion in chat.
May 31, 2025 at 13:14 history edited DannyNiu CC BY-SA 4.0
added 17 characters in body
May 31, 2025 at 13:01 comment added DannyNiu @SteffenUllrich What's false is the assumption, not whether rPID solved problem, which was what's debated. I didn't mention what problem it solved because it'd duplicate info in the answer in the linked Q in OP; but since you suggested improvement, I added a bit of it, along with the linked website in your previous comment in my answer's revision.
May 31, 2025 at 12:57 history edited DannyNiu CC BY-SA 4.0
added 524 characters in body
May 31, 2025 at 12:42 comment added Steffen Ullrich So you changed it from "false premise" to "false assumption .. but debated"? Looks to me like a contradiction, either it is clearly false or it is debated. Apart from that you mention that some claim "that it originally solved problems" but don't actually mention which problems it was claimed to solve (which could then be the basis for arguing if it actually does solve these problems or if these were relevant problems) while instead arguing about some problems it does not solve but probably never was intended to solve.
May 31, 2025 at 12:23 comment added DannyNiu @SteffenUllrich I reworded the sentence below the quote of the title of the Q. That line isn't meant to serve as an argument by itself.
May 31, 2025 at 12:22 history edited DannyNiu CC BY-SA 4.0
added 17 characters in body
May 31, 2025 at 12:13 comment added Steffen Ullrich I'm not claiming that random pid are actually (still) useful. I only say that your arguments are wrong. You don't even consider what problem/attacks random pid were intended to solve. A possible explanation is given by isopenbsdsecu.re/mitigations/pid_rand: "Back in the days, software developers used to use things like pid as a source of entropy, …". With this explanation the problem was not exposing the pid but using a kind of predictable value for seeding a RNG - like proposed in stackoverflow.com/a/23146999/3081018 . So it is more about hardening insecure code.
May 31, 2025 at 11:49 comment added DannyNiu @SteffenUllrich addressed a bit
May 31, 2025 at 11:47 history edited DannyNiu CC BY-SA 4.0
added 338 characters in body
May 31, 2025 at 11:19 comment added Steffen Ullrich Apart from that you don't actually answer your own problem - which is about your idea on still using random pid but avoiding what you claim (but not actually show) to be a major problem. Your answer here does not address the effectiveness of your idea, but instead tries to argue that the whole idea of random pid is wrong.
May 31, 2025 at 11:13 comment added Steffen Ullrich "There's a false premise that truly random PIDs originally solved problems. Why is it false?" - your argumentation is basically that it did not solve problems since any problems relevant for random pids should have been addressed by other measures. This is like claiming that ASLR does not solve problems since the real issue are buggy applications which need to be fixed. Similar with many other hardening measures which don't fix the actual problem but just make it harder to exploit. It would be different if random pids are useless for what they claim to be useful - but you don't address this.
May 31, 2025 at 9:34 history edited DannyNiu CC BY-SA 4.0
added 12 characters in body
May 31, 2025 at 9:24 history edited DannyNiu CC BY-SA 4.0
added 22 characters in body
May 31, 2025 at 9:13 history edited DannyNiu CC BY-SA 4.0
added 3 characters in body
May 31, 2025 at 9:08 history answered DannyNiu CC BY-SA 4.0