Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 30 Jan 2013 14:45:37 +0100
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Subject: Re: [PATCH] Add support for mkostemp, mkstemps and mkostemps

* Hardy Falk <hardy.falk@...boo.com> [2013-01-30 08:59:51 +0100]:
> Am 30.01.2013 08:21, schrieb Rich Felker:
> >On Tue, Jan 29, 2013 at 06:16:11PM -0500, Anthony G. Basile wrote:
> >>>implement, but the random name generator definitely needs a better
> >>>algorithm.  I just adopted what was already there, but its not good
> >>>enough.
> >>>
> You should try "shr3"  by George Marsaglia (rip)

no, we dont need a prng there, we get new entropy
at each try from the clock source

the statistical quality may be improved a bit with
different hashing of the time and addresses, but
it is reasonable now

for retries the iteration count and the previous
rand could be used as well, but that's a rare case

more significant improvement can be done by larger
set of names and better entropy source

the current 24bit should be good enough for most
practical use (you can generate a few thousand
names before a collision happens, assuming uniform
distribution) but that may be worth increasing

the entropy source is mostly problematic on embedded
systems with bad clock, but there is probably no
good source at all there

> https://groups.google.com/forum/?fromgroups=#!msg/sci.math/k3kVM8KwR-s/jxPdZl8XWZkJ

i could not open this
another evil from google..

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.