Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number

From:	Greg Wooledge
Subject:	Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator
Date:	Mon, 21 Jan 2019 08:48:15 -0500
User-agent:	NeoMutt/20170113 (1.7.2)

On Sun, Jan 20, 2019 at 03:39:45PM +0100, Martijn Dekker wrote:
> E.g. to create a random character string for a temporary
> file name, you could do
> 
> filename_suffix() {
>     chars=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
>     length=${#chars}
>     for ((i=0; i<10; i++)) do
>         printf '%s' "${chars:$(( SECURE_RANDOM % length + 1 )):1}"
>     done
> }
> tmpfile=/tmp/myfile.$(filename_suffix)

If we're doing wishlists here, I would much rather have a portable
builtin mktemp command.  Have it work like the Linux mktemp(1) command
(automatically create the file before terminating), and if you want to
put a cherry on top, let it accept and ignore the -c (create) option
for compatibility with the HP-UX mktemp(1) which doesn't create the file
by default.

P.S. yours needs quite a lot more code (perhaps attempting to create
the file with noclobber in effect, or something similar) to be safe.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Quentin, 2019/01/15
- Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Martijn Dekker, 2019/01/19
  - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Chet Ramey, 2019/01/19
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Martijn Dekker, 2019/01/20
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Greg Wooledge <=
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Chet Ramey, 2019/01/21
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Robert Elz, 2019/01/21
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Quentin, 2019/01/21
- Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Rawiri Blundell, 2019/01/20
  - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Chet Ramey, 2019/01/20
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Chet Ramey, 2019/01/20
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Eduardo A . Bustamante López, 2019/01/20
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Rawiri Blundell, 2019/01/20
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Chet Ramey, 2019/01/20
    - Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator, Rawiri Blundell, 2019/01/20

Prev by Date: ${p+\"$p\"}
Next by Date: Re: "return" should not continue script execution, even if used inappropriately
Previous by thread: Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator
Next by thread: Re: [bug-bash] $RANDOM not Cryptographically secure pseudorandom number generator
Index(es):
- Date
- Thread