Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #14891 > unrolled thread
| Started by | Chet Ramey <chet.ramey@case.edu> |
|---|---|
| First post | 2018-12-03 15:18 -0500 |
| Last post | 2018-12-03 15:18 -0500 |
| Articles | 1 — 1 participant |
Back to article view | Back to gnu.bash.bug
This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by
below is the oldest one visible, not the original post.
Re: $RANDOM not Cryptographically secure pseudorandom number generator Chet Ramey <chet.ramey@case.edu> - 2018-12-03 15:18 -0500
| From | Chet Ramey <chet.ramey@case.edu> |
|---|---|
| Date | 2018-12-03 15:18 -0500 |
| Subject | Re: $RANDOM not Cryptographically secure pseudorandom number generator |
| Message-ID | <mailman.5110.1543868300.1284.bug-bash@gnu.org> |
On 12/3/18 11:31 AM, Ole Tange wrote: > On Mon, Dec 3, 2018 at 3:56 PM Chet Ramey <chet.ramey@case.edu> wrote: > >> There has to be a compelling reason to change this, especially at a point >> so close to a major release. > > The reason for my submission was that I needed a bunch of random > numbers in a shell script, but I needed them to be high quality. > Luckily I did not just assume that Bash delivers high quality random > numbers, but I read the source code, and then found that the quality > was low. I do not think must users would do that. This is always requirements-driven. Nobody expects to get cryptographic- quality PRNGs out of the shell (or any of the libc interfaces, tbh), and that's never been promised or expected. You can't really expect that from something that only promises 16 bits. However, for common scripting tasks like generating temporary filenames, it's perfectly adequate. Chet -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa, vita brevis'' - Hippocrates Chet Ramey, UTech, CWRU chet@case.edu http://tiswww.cwru.edu/~chet/
Back to top | Article view | gnu.bash.bug
csiph-web