OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq archives for 1st quarter (Jan-Mar) 1995: Re: MAGIC PIDs (was Re: magic??)

Re: MAGIC PIDs (was Re: magic??)

Reto Lichtensteiger (ralihri.com)
Thu, 2 Feb 1995 18:31:44 -0500 (EST)

Back at the ranch, Pete Shipley scribed:

: >This is probably associated with the MAGIC PID SUBSYSTEM which has
: >been implemented on a number of popular UNIX's.  Basically processes
: >that acquire a MAGIC PID have special powers and can do 'magical' things.
: >
: >If a hole is found in a program (such as /bin/login) which is executing
: >in a process with a MAGIC PID, it is said to have a 'magic hole'.
: >
: >LINUX is generally recognised as having the most complete MAGIC PID
: >implementation.  The benefits of MAGIC PIDs was discussed widely on IRC's
: >#unix and #root about 12 months ago.  For more info, I guess you could
: >try the usenet LINUX or security groups.
: 
: gee like what magical things? please more detail..

>From the file "MAGIC" in the top level of the Linux source tree:

   "It is a *very* good idea to protect kernel data structures with magic
   numbers.  This allows you to check at run time whether (a) a structure
   has been clobbered, or (b) you've passed the wrong structure to a
   routine.  This last is especially useful --- particularly when you are
   passing pointers to structures via a void * pointer.  The tty code,
   for example, does this frequently to pass driver-specific and line
   discipline-specific structures back and forth."

All the "magic number" is is an 'ID tag' that a module can test to assure
itself that it's private (or public) data structures haven't been overrun
by some other task.

Nice idea to help keep a kernel "sane" :-)

-Reto-
-- 
R A Lichtensteiger	ralihri.com
System Administrator	Horizon Research Inc	(617) 466-8304
                        Waltham MA 02154
	http://www.hri.com/HRI/Pages/rali.html/

"The system has been practicing a noncomputational lifestyle ever
since the boot disk became I/O challenged."