Re: Random not so random - Mailing list pgsql-general

From Michael Fuhr
Subject Re: Random not so random
Date
Msg-id 20041006153013.GA8812@winnie.fuhr.org
Whole thread Raw
In response to Re: Random not so random  (Michael Fuhr <mike@fuhr.org>)
List pgsql-general
On Tue, Oct 05, 2004 at 07:23:32AM -0600, Michael Fuhr wrote:
> On Tue, Oct 05, 2004 at 02:39:13PM +0200, Harald Fuchs wrote:
>
> > I think we don't need the randomness provided by /dev/[u]random.  How
> > about XORing in getpid?
>
> What about making the seeding mechanism and perhaps random()'s
> behavior configurable?

Regarding a configurable seeding mechanism, I was thinking along
the lines of Apache's SSLRandomSeed directive:

http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslrandomseed

The "builtin" source could use a seed based on the time and
possibly the process ID, similar to the current implementation.

The "file" source would allow admins to use /dev/random or
/dev/urandom, whichever they prefer, or even an ordinary
file if they always wanted the same seed for testing purposes.
The backend wouldn't know or care what the source was: it
would simply open the specified file and read from it.

The "exec" source would read the seed from an external program,
which could generate it by whatever means desired.

The Apache directive also supports "egd" to obtain the seed
from an Entropy Gathering Daemon.

By making the seeding mechanism configurable, then everybody
can have it their own way.

Comments?

--
Michael Fuhr
http://www.fuhr.org/~mfuhr/

pgsql-general by date:

Previous
From: Ben
Date:
Subject: database constraints
Next
From: Mark Gibson
Date:
Subject: Re: Cache lookup failed for relation, when trying to DROP