oss-sec mailing list archives
Re: random number generators - rand(), random(), etc
From: Eric Blake <eblake () redhat com>
Date: Fri, 07 Nov 2014 22:15:27 +0100
On 11/07/2014 09:49 PM, jb wrote:
Hi, could you please take a look at this ? https://sourceware.org/ml/libc-alpha/2014-11/msg00143.html
Anything in particular we're supposed to look at? Besides the obvious fact that anyone using rand() or random() in a security-conscious program should be shot, and therefore, any possible bug in the implementation of these notoriously weak functions shouldn't have any implication on programs that use secure random number sources? -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- random number generators - rand(), random(), etc jb (Nov 07)
- Re: random number generators - rand(), random(), etc Michal Zalewski (Nov 07)
- Re: random number generators - rand(), random(), etc jb (Nov 07)
- Re: Re: random number generators - rand(), random(), etc Eric Blake (Nov 07)
- Re: random number generators - rand(), random(), etc jb (Nov 07)
- Re: random number generators - rand(), random(), etc Eric Blake (Nov 07)
- Re: random number generators - rand(), random(), etc Michal Zalewski (Nov 07)