[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number

From: Chet Ramey
Subject: Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator
Date: Mon, 21 Jan 2019 09:43:17 -0500
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.3.3

On 1/21/19 8:48 AM, Greg Wooledge wrote:
> On Sun, Jan 20, 2019 at 03:39:45PM +0100, Martijn Dekker wrote:
>> E.g. to create a random character string for a temporary
>> file name, you could do
>> filename_suffix() {
>>     chars=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
>>     length=${#chars}
>>     for ((i=0; i<10; i++)) do
>>         printf '%s' "${chars:$(( SECURE_RANDOM % length + 1 )):1}"
>>     done
>> }
>> tmpfile=/tmp/myfile.$(filename_suffix)
> If we're doing wishlists here, I would much rather have a portable
> builtin mktemp command.  Have it work like the Linux mktemp(1) command
> (automatically create the file before terminating), and if you want to
> put a cherry on top, let it accept and ignore the -c (create) option
> for compatibility with the HP-UX mktemp(1) which doesn't create the file
> by default.

Take the linux mktemp, add the -c option, and turn it into a loadable
builtin. I'd be happy to ship that with the next version.

``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    address@hidden    http://tiswww.cwru.edu/~chet/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]