[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: avoid mktemp/mkstemp internally
From: |
Mike Frysinger |
Subject: |
Re: avoid mktemp/mkstemp internally |
Date: |
Thu, 19 May 2016 16:03:14 -0400 |
On 19 May 2016 14:37, Chet Ramey wrote:
> On 5/16/16 10:36 AM, Mike Frysinger wrote:
> >> Because many traditional implementations of mktemp/mkstemp suck.
> >
> > and many modern implementations work perfectly fine. why is the default
> > to penalize good/fixed versions ? how about we flip this in config-top.h
> > like the attached patch ?
>
> Yes, we'll try that with correct names. See what happens.
>
> >>> the bash versions seem like it's pretty trivial to collide: it mixes
> >>> current seconds count, current pid number, and a counter.
> >>
> >> Not quite; the calls in bash mix in the return value from the system's
> >> random(). Now, if that sucks too, you're going to lose.
> >
> > except bash isn't calling srand anywhere that i can see, so you're
> > iterating over the same values every time.
>
> Good catch, except you mean srandom(). I'll add in a call to that for the
> fallback code.
ah, yes, you're using random(), so srandom() is the right init. thanks!
-mike
signature.asc
Description: Digital signature