[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: maradns reproducibility fixes and the merits of picking a random num
From: |
Vagrant Cascadian |
Subject: |
Re: maradns reproducibility fixes and the merits of picking a random number |
Date: |
Wed, 08 Jun 2022 13:23:36 -0700 |
On 2022-06-08, Liliana Marie Prikler wrote:
> Am Montag, dem 06.06.2022 um 18:49 -0700 schrieb Vagrant Cascadian:
>> p.s. Obviously, I picked the best random number.
> I beg to differ.
>> +-RandomPrime: RandomPrime.c
>> +- $(CC) -O3 -o RandomPrime RandomPrime.c
>> +-
>> +-DwRandPrime.h: RandomPrime
>> +- if [ -e /dev/urandom ] ; then ./RandomPrime > DwRandPrime.h ;
>> fi
>> ++DwRandPrime.h:
>> ++ echo '#define MUL_CONSTANT 1238145941' > DwRandPrime.h
> This does not satisfy requirement #221: chosen by a fair dice roll.
> Randomness can therefore not be guaranteed.
I will admit to "Obviously, I picked the best random number." as a
joke. Hard-coding any supposedly random number seems awfully wrong to
me!
This is a not particularly great patch to make it compile reproducibly,
on the *assumption* that number will not actually be used in practice,
because it *supposed* to only be used when /dev/urandom is not
available. I would love to see better patches that make fewer
assumptions!
FWIW, This is effectively the same embedded random number used in the
Debian patch, although the maradns packaging in Debian basically comes
to the same result by copying files around rather than patching them
directly.
live well,
vagrant
signature.asc
Description: PGP signature
Re: maradns reproducibility fixes and the merits of picking a random number, Ludovic Courtès, 2022/06/07
Re: maradns reproducibility fixes and the merits of picking a random number, Arun Isaac, 2022/06/08
Re: maradns reproducibility fixes and the merits of picking a random number, Liliana Marie Prikler, 2022/06/08
- Re: maradns reproducibility fixes and the merits of picking a random number,
Vagrant Cascadian <=