Home > mailing lists

[DOCS] gen_random_uuid security not explicit in documentation - Mailing list pgsql-docs

From	rightfold@gmail.com
Subject	[DOCS] gen_random_uuid security not explicit in documentation
Date	January 2, 2017 05:20:54
Msg-id	20170101232054.10135.50528@wrigleys.postgresql.org Whole thread Raw
Responses	Re: [DOCS] gen_random_uuid security not explicit in documentation
List	pgsql-docs

Tree view

The following documentation comment has been logged on the website:

Page: https://www.postgresql.org/docs/9.6/static/pgcrypto.html
Description:

Hello,

The C source code of gen_random_uuid reads:

    /*
    * Generate random bits. pg_backend_random() will do here, we don't
    * promis UUIDs to be cryptographically random, when built with
    * --disable-strong-random.
    */

However, the pgcrypto documentation does not mention
--disable-strong-random
at all. I think the documentation should mention under which conditions
the
function returns secure data.

Radek Slupik

P.S. there is also a typo in the C comment: "promis" should be "promise".

pgsql-docs by date:

From: Tom Lane
Date: 30 December 2016, 05:28:07
Subject: Re: [DOCS] start-up script for OpenBSD

From: Michael Paquier
Date: 03 January 2017, 18:47:37
Subject: Re: [DOCS] gen_random_uuid security not explicit in documentation

[DOCS] gen_random_uuid security not explicit in documentation - Mailing list pgsql-docs

Previous

Next