Random number generation, simple question.
Andrew Dalke
dalke at acm.org
Tue Jul 4 15:09:21 EDT 2000
Reini Urban wrote:
>There were some C libs around dealing with
>some special PC timer chips which can be abused for exactly that.
>
>such as the linux /dev/random pseudodevice
I was looking into this a few weeks ago. I was doing some CGI work
in Perl and wanted to make sure the random number I used for the session
id was hard to guess. If you call rand without calling srand, Perl
will use a combination of the time (in microseconds, if available),
PID, current stack size, value of the pointer passed to get the time,
and several other values.
What I saw, though, was a compile time option to use /dev/random if
it exists. I would have thought that would be enabled by default, but
it made some comment about how the read will block if there isn't enough
entropy in the source pool. Is this ever a problem in real life?
Andrew
dalke at acm.org
More information about the Python-list
mailing list