Issue #17319 has been updated by Eregon (Benoit Daloze).
zofrex (James Sanderson) wrote in #note-6:
> I think that people reading "raw_seed" are likely to think that either this returns the seed for the RNG or perhaps that this method is only suitable for seeding another RNG, rather than using this method as an RNG. The latter case is somewhat plausible because on some systems there are RNG sources that aren't suitable for generating lots of random data, but can be used to seed a PRNG, so I think it's important to distinguish from that.
That's the point, it's not a good idea to use this API to generate an arbitrary number of random bytes.
Only to use it to seed an RNG. It's just slower, inefficient and apparently not more secure to read many bytes from /dev/urandom.
FWIW there is already `Random.new_seed #=> Integer`.
The reference in the doc of `Random.urandom` to `man 7 random` seems to be:
> While some safety margin above that minimum is reasonable, as a guard against flaws in the CSPRNG algorithm, no cryptographic
> primitive available today can hope to promise more than 256 bits of security, so if any program reads more than 256 bits (32
> bytes) from the kernel random pool per invocation, or per reasonable reseed interval (not less than one minute), that should be
> taken as a sign that its cryptography is not skillfully implemented.
----------------------------------------
Misc #17319: Rename Random::urandom to os_random and document random data sources
https://bugs.ruby-lang.org/issues/17319#change-88477
* Author: zofrex (James Sanderson)
* Status: Open
* Priority: Normal
----------------------------------------
SecureRandom gets randomness from `Random::urandom`, which is a confusing name because `urandom` only uses /dev/urandom in some circumstances. On reading the `secure_random.rb` code this morning I got very confused how it was supporting "win32" for example, because it appears to only use openssl and /dev/urandom.
I have renamed `urandom` to `os_random`. With this change, it is much more obvious from reading `secure_random.rb` what is happening, in my opinion.
I have also added `urandom` as an alias to `os_random` so this is not a breaking change. I am not 100% sure I documented this alias correctly.
I have also updated the documentation for `os_random` (was `urandom`), `SecureRandom`, and `random_raw_seed` to reflect that there are multiple potential sources for random data, not just urandom, openssl, and win32.
--
https://bugs.ruby-lang.org/
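
The seed-only usage described in the reply above (one read of at most 32 bytes from the OS source, then a userspace generator for everything else), as an added example that is not part of the thread or of Ruby's own code. The helper names `seed_from_os`, `bytes_to_int`, `seeded_prng` and `draw` are hypothetical; Ruby's `Random` is a Mersenne Twister, not a CSPRNG, so this shows the seeding pattern only and secrets still come from `SecureRandom`.

```ruby
# Added illustration; helper names are hypothetical, not Ruby core API.
SEED_BYTES = 32 # 256 bits, the per-invocation ceiling in the random(7) quote

# One read from the OS source (the method this issue proposes to call os_random).
def seed_from_os(nbytes = SEED_BYTES)
  raw = Random.urandom(nbytes)
  raise "short read from OS random source" unless raw.bytesize == nbytes
  raw
end

# Big-endian bytes -> Integer, the form Random.new accepts
# (Random.new_seed returns an Integer for the same reason).
def bytes_to_int(raw)
  raw.unpack1("H*").to_i(16)
end

# Build a userspace generator from a single OS seed.
def seeded_prng(raw_seed = seed_from_os)
  Random.new(bytes_to_int(raw_seed))
end

# Draw `total` bytes in chunks without going back to the OS source.
def draw(prng, total, chunk = 4096)
  out = String.new(capacity: total, encoding: Encoding::BINARY)
  out << prng.bytes([chunk, total - out.bytesize].min) while out.bytesize < total
  out
end

if __FILE__ == $PROGRAM_NAME
  raw = seed_from_os
  a = draw(seeded_prng(raw), 1 << 20)
  b = draw(seeded_prng(raw), 1 << 20)
  puts "OS bytes read: #{raw.bytesize}, bytes generated: #{a.bytesize}"
  # Anyone holding the seed can rebuild the whole stream, which is why the
  # seed must come from the OS source and must not be disclosed.
  puts "same seed reproduces the stream: #{a == b}"
end
```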