Home > mailing lists

Re: Support getrandom() for pg_strong_random() source - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: Support getrandom() for pg_strong_random() source
Date	July 30 14:55:00
Msg-id	591B91B0-E240-4C8C-BC9D-58C731655D2D@yesql.se Whole thread Raw
In response to	Re: Support getrandom() for pg_strong_random() source (Peter Eisentraut <peter@eisentraut.org>)
Responses	Re: Support getrandom() for pg_strong_random() source
List	pgsql-hackers

Tree view

> On 30 Jul 2025, at 13:10, Peter Eisentraut <peter@eisentraut.org> wrote:
>
> On 30.07.25 08:59, Masahiko Sawada wrote:
>> I've updated the patch to support getentropy() instead of getrandom().
>
> The point still stands that the number of installations without OpenSSL support is approximately zero, so what is the
purposeof this patch if approximately no one will be able to use it? 

The main usecase I've heard discussed (mostly in hallway tracks IIRC) is to
allow multiple PRNG's so that codepaths which favor performance over
cryptographic properties can choose, this would not be that but a small step on
that path (whether or not that's the appropriate step is debatable).

For installations without OpenSSL, getrandom() as an API over /dev/urandom
still works when /dev is chrooted away.  That subset might be too small to
spend code on though.

--
Daniel Gustafsson

pgsql-hackers by date:

From: Dagfinn Ilmari Mannsåker
Date: 30 July, 14:50:49
Subject: Re: Support getrandom() for pg_strong_random() source

From: Daniel Gustafsson
Date: 30 July, 15:09:47
Subject: Re: Enable data checksums by default

Re: Support getrandom() for pg_strong_random() source - Mailing list pgsql-hackers

Previous

Next