Date: Tue, 5 Feb 2002 15:20:44 +0300 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Mark Murray <markm@FreeBSD.org>, des@FreeBSD.org Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libpam/modules/pam_unix pam_unix.c Message-ID: <20020205122043.GA3192@nagual.pp.ru> In-Reply-To: <200202040028.g140SsC86408@freefall.freebsd.org> References: <200202040028.g140SsC86408@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Feb 03, 2002 at 16:28:54 -0800, Mark Murray wrote: > markm 2002/02/03 16:28:54 PST > > Modified files: > lib/libpam/modules/pam_unix pam_unix.c > Log: > Add the other half of the salt-generating code. No functional > difference except that the salt is slightly harder to build > dictionaries against, and the code does not use srandom[dev](). It is not sufficient to not use srandom*(). random() can't be used in the libraries too! 1) You break applications which expect the same sequence from random() (when initializing srandom() to some fixed value) since insert random() calls in the middle of application ones. 2) Since you not use srandom(), the code producing the same sequence from random() in case application do use random(). What is wrong with my arc4random() patch? arc4random() is not slower then random() incorrectly used now. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020205122043.GA3192>