Of the use of unpredictableSeed
Seb via Digitalmars-d
digitalmars-d at puremagic.com
Tue Mar 7 02:18:52 PST 2017
On Tuesday, 7 March 2017 at 03:43:42 UTC, Jonathan M Davis wrote:
> On Monday, March 06, 2017 22:04:44 Nick Sabalausky via
> Digitalmars-d wrote:
>> On 03/06/2017 05:19 PM, sarn wrote:
>> > On Monday, 6 March 2017 at 10:12:09 UTC, Shachar Shemesh
>> > wrote:
>> >> Excuse me if I'm asking a trivial question. Why not just
>> >> seed it from /dev/urandom? (or equivalent on non-Linux
>> >> platforms. I know at least Windows has an equivalent).
>> >>
>> >> Shachar
>> >
>> > One reason is that /dev/urandom isn't always available,
>> > e.g., in a chroot. Sure, these are corner cases, but it's
>> > annoying when stuff like this doesn't "just work".
>>
>> I don't claim to be any sort of Linux expert or anything, but
>> doesn't chroot have a reputation for being a bit of a finicky,
>> leaky abstraction anyway? I haven't really used them, but
>> that's been my understanding...?
>
> If you want a fully secure chroot, then what you really want is
> BSD jails or Solaris zones. chroots are indeed too leaky to be
> secure. But secure containerization doesn't really matter
> here, since a D program using D's standard number generator
> should work regardless of where it's running. So, it's a
> question of whether we're guaranteed to get at /dev/urandom or
> not, and if not, how reasonable it is to require that it be
> accessible for the program to run. There _are_ programs that
> require access to /dev, and /dev is _usually_ available.
>
> Regardless, if there is no guarantee that /dev/urandom (or
> whatever system resource for getting randomness is) is going to
> be accessible, and we want to use it, then we either have to
> require that it be accessible and error out if it isn't, or we
> have to have a backup if accessing it fails. Ideally, you'd be
> able to just use /dev/urandom and not worry about it, but I
> don't know how common it is for /dev/urandom to be unavailable
> or how reasonable it is to require that it be available.
>
> In general though, using /dev/urandom to seed the pseudo-random
> number generator seems like a good plan.
>
> - Jonathan M Davis
As apparently no one here has mentioned this, Linux >= 3.17
has a dedicated syscall API. Please see:
http://man7.org/linux/man-pages/man2/getrandom.2.html
And this excellent introductory article:
https://lwn.net/Articles/605828
I did work on getting a nice getEntropy function into mir-random:
https://github.com/libmir/mir-random/pull/13
(For which it was planned to backport it to Phobos after some
testing and real-world feedback on the API.)
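
The approach discussed in this thread, sketched in C as an added example (it is not code from the post, from mir-random, or from Phobos): try getrandom(2) first, fall back to /dev/urandom, and report failure instead of seeding from something weaker. The names `get_entropy`, `fill_from_urandom` and the `entropy_source` enum are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Which source filled the buffer; names are hypothetical, for this example. */
enum entropy_source { ENTROPY_FAILED = 0, ENTROPY_GETRANDOM = 1, ENTROPY_URANDOM = 2 };

/* Read exactly len bytes from /dev/urandom, retrying on EINTR and short reads. */
static int fill_from_urandom(unsigned char *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -1;                      /* e.g. a chroot without /dev */
    size_t off = 0;
    while (off < len) {
        ssize_t n = read(fd, buf + off, len - off);
        if (n > 0)
            off += (size_t)n;
        else if (n == 0 || errno != EINTR)
            break;
    }
    close(fd);
    return off == len ? 0 : -1;
}

/* Prefer getrandom(2) (Linux >= 3.17), which needs no device node; fall back to
   /dev/urandom if the syscall is missing or refused; fail closed otherwise. */
enum entropy_source get_entropy(unsigned char *buf, size_t len)
{
#ifdef SYS_getrandom
    size_t off = 0;
    while (off < len) {
        long n = syscall(SYS_getrandom, buf + off, len - off, 0);
        if (n > 0)
            off += (size_t)n;
        else if (n == 0 || errno != EINTR)
            break;                      /* ENOSYS on old kernels, EPERM, ... */
    }
    if (off == len)
        return ENTROPY_GETRANDOM;
#endif
    return fill_from_urandom(buf, len) == 0 ? ENTROPY_URANDOM : ENTROPY_FAILED;
}
```

With flags set to 0, getrandom blocks until the kernel's entropy pool has been initialized, which is the behaviour wanted for seeding.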