how to map MS process id to SM process id?
mikea
mikea at MIKEA.ATH.CX
Sat Jun 7 00:37:17 IST 2003
On Fri, Jun 06, 2003 at 07:24:37PM -0400, Matt Kettler wrote:
> At 03:01 PM 6/6/2003 -0700, Chris W. Parker wrote:
> >Hello.
> >
> >When checking the maillog I'd like to be able to pull all the records
> >pertaining to a certain mail. Is there a way to map the sendmail process
> >id to the MS process id that is handling that mail?
> >
> >Let me know if I haven't made sense.
>
> Process ID's are assigned by the OS itself, and there's no repeatable
> relationship between the PID of one process and the PID of another.
>
> Yes most Linux distros assign them in a counting order, but there's no way
> to be certain that two processes were started one right after the other
> without anything else starting in the middle.
>
> If you are running a paranoid OS (ie: OpenBSD or grsecurity patched linux)
> PIDs will be random.
>
> If there was a good inter-process pid mapping scheme, a few obscure kinds
> of hacking attempts would be significantly easier.
I have written a shell script that, in conjunction with a Perl script,
will do do something like this wiht a Sendmail log.
It's a real hack, and the output is not at all pretty, but I'll post
it Monday if someone will remind me and I'm able to find it.
--
Mike Andrews
mikea at mikea.ath.cx
Tired old sysadmin since 1964
More information about the MailScanner
mailing list