[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: $RANDOM not Cryptographically secure pseudorandom number generator

From: Greg Wooledge
Subject: Re: $RANDOM not Cryptographically secure pseudorandom number generator
Date: Mon, 3 Dec 2018 10:03:56 -0500
User-agent: NeoMutt/20170113 (1.7.2)

On Mon, Dec 03, 2018 at 09:56:33AM -0500, Chet Ramey wrote:
> There has to be a compelling reason to change this, especially at a point
> so close to a major release.
> You might be expecting too much from bash's random number generator. Is
> the problem that its period is at most 2**16? For its intended uses, the
> cycle length is acceptable. Do you disagree?

I suspect he doesn't share the same understanding of the "intended
uses" of bash's $RANDOM as the rest of us.

It's meant for displaying a random wallpaper image from a directory,
or for playing a random audio file from a directory.  Or for playing a
number guessing game with a 6 year old.

It is emphatically NOT for generating passwords.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]