[1944] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] check-ps-1.2alpha5 released

daemon@ATHENA.MIT.EDU (Duncan Simpson)
Mon Jun 29 02:46:47 1998

To: bugtraq@netspace.org
Cc: linux-security@redhat.com
Date: Mon, 29 Jun 1998 00:41:49 +0200
From: Duncan Simpson <dps@io.stargate.co.uk>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



check-ps 1.2 alpha 5 has been released. This is a bugfix release. The upgrades 
are:

 o Linux compile fix applied
 o Possible support for kill scanning on other platform (if pid_t is 16 bits
   or ultra-fast machine it is probably supported, if not the program
   probably says no).
 o A configure script that works when fed to bash 2.x ('foo'$$'foo' expands
   to foo$foo under bash 2.x which broke an awk script generated within the
   script).

The maximum pid probing program is simplistic there are two stages. It is far 
better to give it a header file that knows the real information.

1a. By doubling 1 repeated find when it goes negative or kill(n,0) returns
   EINVAL (normally never).
1b. Give m= the last +ve value in the last step compute the biggest
    +ve number by setting m=m+(m-1)
1c. If (overflowed and (m<0 or (m+1)>0)) say no.
2a. set a 1 second alarm
2b. Loop through 1 to m
2c. If the alarm went off the say no
2d. Otherwise report m+1

Anyone got a better method of finding the maxmimum possible pid?

- -- 
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."



-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQA/AwUBNZbUtkekq+3VXI08EQKI6wCfYFQ1J3KQ/V1gD7BYnTDscSbcPZcAn3px
/8aCy05csqBzI8F9DSHS6dI9
=YmOu
-----END PGP SIGNATURE-----

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post