[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number
Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator
Sat, 19 Jan 2019 17:10:52 -0500
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.3.3
On 1/19/19 2:45 PM, Martijn Dekker wrote:
> Op 16-01-19 om 02:21 schreef Quentin:
>> If you really need some quality CSPRNG values, I'd suggest adding a
>> $SECURE_RANDOM variable that just reads from /dev/urandom.
> IMHO, this would clearly be the correct approach. I don't know of any
> 21st century Unix or Unix-like system that doesn't have /dev/urandom. I
> would really like to see shells adopt this idea -- hopefully all with
> the same variable name.
OK, this is a reasonable approach. Since /dev/urandom just generates
random bytes, there's a lot of flexibility and we're not subject to
any kind of backwards compatibility constraints, especially not the
16-bit limit. What do you think would be the best way to present that
to a user? As a 32-bit random number? A character string you can use to
create filenames? Some other form?
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU address@hidden http://tiswww.cwru.edu/~chet/