Using getmypid

Hi all,

Could/Are there be any security issues using getmypid()?



As you don’t mention it, and for anyone else wondering PHP: getmypid - Manual

Process IDs are not unique, thus they are a weak entropy source. We recommend against relying on pids in security-dependent contexts.”

As stated above, they are a severely weak entropy source (~20k variations). To put it in perspective you’d have more (severely much more) entropy in a AlphaCapNum key of length 3.

thanks for your response guys, I’m going to use this with other unique random id’s. Just wondering whether there were any other issues. Looking in to it, it looks like some hosting companies disable this function