bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: $RANDOM not Cryptographically secure pseudorandom number generator


From: Eduardo Bustamante
Subject: Re: $RANDOM not Cryptographically secure pseudorandom number generator
Date: Sat, 15 Dec 2018 21:41:24 -0800

On Sat, Dec 15, 2018 at 6:08 PM Ole Tange <address@hidden> wrote:
(...)
> But your comment actually emphasizes my point: We _will_ have users
> who are naive enough to use $RANDOM in ways you and I would not do,
> because we know it is unsafe.
>
> Let's make those usages a little safer.

You know no one is stopping you from submitting a patch to actually
fix the documentation right? (or maybe, you know, submitting an actual
working patch to change the random generator, not just drop some
irrelevant code snippet you got from Wikipedia).

> And then we simply wait for Shellshock to happen.

Also, comparing this to shellshock is a huge strawman. Please don't do
that :), we all know better than that.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]