Path: csiph.com!goblin1!goblin.stu.neva.ru!usenet.stanford.edu!not-for-mail From: Greg Wooledge Newsgroups: gnu.bash.bug Subject: Re: $RANDOM not Cryptographically secure pseudorandom number generator Date: Mon, 3 Dec 2018 10:03:56 -0500 Lines: 17 Approved: bug-bash@gnu.org Message-ID: References: <868cc2da-cf67-298f-4640-ab1afcf857e0@case.edu> NNTP-Posting-Host: lists.gnu.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: usenet.stanford.edu 1543849495 606 208.118.235.17 (3 Dec 2018 15:04:55 GMT) X-Complaints-To: action@cs.stanford.edu To: bug-bash@gnu.org Envelope-to: bug-bash@gnu.org Mail-Followup-To: bug-bash@gnu.org Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20170113 (1.7.2) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 139.137.100.1 X-BeenThere: bug-bash@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Bug reports for the GNU Bourne Again SHell List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Xref: csiph.com gnu.bash.bug:14885 On Mon, Dec 03, 2018 at 09:56:33AM -0500, Chet Ramey wrote: > There has to be a compelling reason to change this, especially at a point > so close to a major release. > > You might be expecting too much from bash's random number generator. Is > the problem that its period is at most 2**16? For its intended uses, the > cycle length is acceptable. Do you disagree? I suspect he doesn't share the same understanding of the "intended uses" of bash's $RANDOM as the rest of us. It's meant for displaying a random wallpaper image from a directory, or for playing a random audio file from a directory. Or for playing a number guessing game with a 6 year old. It is emphatically NOT for generating passwords.