oss-sec mailing list archives
Re: random number generators - rand(), random(), etc
From: jb <jb.1234abcd () gmail com>
Date: Fri, 7 Nov 2014 21:21:52 +0000 (UTC)
Michal Zalewski <lcamtuf@...> writes:
https://sourceware.org/ml/libc-alpha/2014-11/msg00143.htmlIn general, rand() and random() are not backed by cryptosafe PRNGs and should not be used for security purposes. /mz
Well, rand() in Linux and ISO C standard are not threadsafe, but random(), srandom(), etc in Linux are claimed to be threadsafe: - pthread(7) - the function random() is listed as threadsafe - random(3) Multithreading (see pthreads(7)) The random(), srandom(), initstate(), and setstate() functions are thread-safe. But apparently they are not. A problem ? jb
Current thread:
- random number generators - rand(), random(), etc jb (Nov 07)
- Re: random number generators - rand(), random(), etc Michal Zalewski (Nov 07)
- Re: random number generators - rand(), random(), etc jb (Nov 07)
- Re: Re: random number generators - rand(), random(), etc Eric Blake (Nov 07)
- Re: random number generators - rand(), random(), etc jb (Nov 07)
- Re: random number generators - rand(), random(), etc Eric Blake (Nov 07)
- Re: random number generators - rand(), random(), etc Michal Zalewski (Nov 07)