Re: Fw: Random strings
| От | Doug McNaught |
|---|---|
| Тема | Re: Fw: Random strings |
| Дата | |
| Msg-id | m3bskrovyj.fsf@belphigor.mcnaught.org обсуждение исходный текст |
| Ответ на | Fw: Random strings ("Joe Conway" <joseph.conway@home.com>) |
| Список | pgsql-hackers |
"Joe Conway" <joseph.conway@home.com> writes: > > Having said that, I'm not married to the idea that we should provide > access > > to both /dev/random and /dev/urandom. I'd be happy to roll another patch, > > limited to just urandom, and renaming the function if you feel strongly > > about it. (should we move this discussion back to hackers to get a wider > > audience?) There was a long discussion on linux-kernel recently about the difference between 'random' and 'urandom'. The upshot seemed to be that 'urandom' is Good Enough in 99% of the cases, since (as long as the generator is seeded well at startup) attackers would have to break SHA1 in order to predict the output from it. If someone has the resources to do that you're basically screwed anyhow... -Doug -- Free Dmitry Sklyarov! http://www.freesklyarov.org/ We will return to our regularly scheduled signature shortly.
В списке pgsql-hackers по дате отправления: