Home > mailing lists

Re: [PATCH] using arc4random for strong randomness matters. - Mailing list pgsql-hackers

From	David CARLIER
Subject	Re: [PATCH] using arc4random for strong randomness matters.
Date	November 23, 2017 00:47:19
Msg-id	CA+XhMqw3ai=eM3AJRyUVNa7w6UORKwb2Er9Ab=MKQy0QCdgR5A@mail.gmail.com Whole thread Raw
In response to	Re: [PATCH] using arc4random for strong randomness matters. (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [PATCH] using arc4random for strong randomness matters. (Stephen Frost <sfrost@snowman.net>)
List	pgsql-hackers

Tree view

I dunno, it seems like this is opening us to a new set of portability
hazards (ie, sub-par implementations of arc4random) with not much gain to
show for it.

Hence I reduced to three platforms only.

IIUC, what this code actually does is reseed itself from /dev/urandom
every so often and work from a PRNG in between. That's not a layer that
we need, because the code on top is already designed to cope with the
foibles of /dev/urandom --- or, to the extent it isn't, that's something
we have to fix anyway. So it seems like having this optionally in place
just reduces what we can assume about the randomness properties of
pg_strong_random output, which doesn't seem like a good idea.

That I admit these are valid points.

Cheers.

regards, tom lane

pgsql-hackers by date:

From: Pavel Stehule
Date: 23 November 2017, 00:46:12
Subject: Re: [HACKERS] SQL procedures

From: Jesper Pedersen
Date: 23 November 2017, 00:56:06
Subject: Re: [HACKERS] path toward faster partition pruning

Re: [PATCH] using arc4random for strong randomness matters. - Mailing list pgsql-hackers

Previous

Next