Re: Random not so random - Mailing list pgsql-general

From Bruno Wolff III
Subject Re: Random not so random
Date
Msg-id 20041004172521.GA9716@wolff.to
Whole thread Raw
In response to Re: Random not so random  (Marco Colombo <pgsql@esiway.net>)
Responses Re: Random not so random
List pgsql-general
On Mon, Oct 04, 2004 at 18:58:41 +0200,
  Marco Colombo <pgsql@esiway.net> wrote:
>
> Actually, that should be done each time the random() function
> is evaluated. (I have no familiarity with the code, so please

That may be overkill, since I don't think that random has been advertised
as a secure or even particularly strong random number generator.

> bear with me if the suggestion is unsound). I'd even add a parameter
> for "really" random data to be provided, by reading /dev/random
> instead of /dev/urandom (but read(2) may block).

You don't want to use /dev/random. You aren't going to get better random
numbers that way and blocking reads is a big problem.

> How about the following:
> random() = random(0) = traditional random()
> random(1) = best effort random() via /dev/urandom
> random(2) = wait for really random bits via /dev/random

It might be nice to have a secure random function available in postgres.
Just using /dev/urandom is probably good enough to provide this service.

pgsql-general by date:

Previous
From: Janning Vygen
Date:
Subject: Re: i'm really desperate: invalid memory alloc request
Next
From: Gaetano Mendola
Date:
Subject: Re: VACUUM FULL on 24/7 server