1
Q1 : I want to know how Windows/Linux assign a PID to a process when that process began? Is it a delimited random number? or it is fixed for a file on a compute? does it have a special algorithm? and ...
Q2 : Is it possible to change PID of a process after it started?
Q3 : Is it possible to prevent a file to run(I mean is it possible to restrict OS to don't assign any PID to a file)?
TheGoodUser
Posted 2014-09-22T13:00:56.117
Reputation: 1 045
1
This answer is Windows-specific.
PIDs are not random. PIDs (and thread IDs; they're in the same "number space") are managed through a multilevel table structure in exactly the same way as are handles to kernel objects - although PIDs are not handles. Like handle values, PIDs are aggressively re-used, but for all practical purposes they are unpredictable.
Q2: No.
Q3: No, because the PID to be assigned to a new process is unknown. Try it. Run an instance of notepad, then close it. Sometime later, run another instance of notepad. Almost certainly your two notepads will have different PIDs.
Jamie Hanrahan
Posted 2014-09-22T13:00:56.117
Reputation: 19 777
@Ramhound Obviously the Q2 and Q3 didn't answered there! and also Q1! (They didn't indicate that what is the algorithm of assigning PIDs to processes in Windows.) - I was wanted to know if each specific file have a specific PID all over the time, Is it possible to prevent a specific virus by blocking its PID forever! (sorry for bad wording my comment! :D ) – TheGoodUser – 2014-09-22T13:48:12.990
@Ramhound The algorithm is absolutely known. It's described in Windows Internals. – Jamie Hanrahan – 2016-09-24T00:25:38.967