Date: Sun, 25 Feb 2001 19:35:41 +1100 (EST) From: Bruce Evans <bde@zeta.org.au> To: Kris Kennaway <kris@obsecurity.org> Cc: Matt Dillon <dillon@earth.backplane.com>, Robert Watson <rwatson@FreeBSD.ORG>, Nick Sayer <nsayer@FreeBSD.ORG>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: ports/astro/xglobe/files patch-random Message-ID: <Pine.BSF.4.21.0102251920150.6561-100000@besplex.bde.org> In-Reply-To: <20010224225935.A769@mollari.cthul.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 24 Feb 2001, Kris Kennaway wrote: > On Sat, Feb 24, 2001 at 10:40:00PM -0800, Matt Dillon wrote: > > I agree with Bruce that throwing a warning in for simply using > > rand() or rand_r() is not appropriate. The man page says its > > obsolete and that is good enough. We can only protect programmers > > from themselves to a point, after that we are wasting our time. > > This isn't true -- as it stands now, people are writing code which > produces bad behaviour (e.g. the xglobe stars thing), or is insecure, > because they are ignoring the documentation. If we add a link-time > warning it will probably catch more software writers, and the net > result is positive. It also points out instances of possibly bad Probability epsilon. The "mktemp() possibly used unsafely" warning is about a much more important problem; it is very annoying, but not annoying enough for many uses of mktemp() to actually go away even in /usr/src (excuse: many or most of them are in gcc or binutils). > Bruce's objection is on different grounds, and I'll think about how we > can improve rand() without breaking the standards. Actually, on that > matter, I have the suspicion that the rand() implementation (i.e. the > algorithm it uses) is standardized somewhere (one of the C > standards?). Bruce, can you confirm? The C standard just gives an example of a portable implementation without saying that it is a bad example. On second thoughts, the standard rand() is somewhat broken as designed. "unsigned int" seed limits it to UINT_MAX sequences, and there is no way to ask for irreproducible randomness. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0102251920150.6561-100000>