[znep]

On a multiuser system there are various cases where being able to predict the PID of a process allows attack against naive code. eg. If a process uses the pid to generate a tmp file name, someone sneaks in first and makes it a link and uses that to put content into an arbitrary file they shouldn't have write access to.

Now, there is a valid contention that any code doing that is broken anyway and should just be fixed, and most code is much better about this now than 15 years ago. There is another contention that randomizing pids can help so why not.

See http://marc.info/?t=94754302700001&r=1&w=1 and http://marc.info/?t=94759485200001&r=1&w=1 for old discussion.