Hi,
Le 25/07/2022 à 14:39, Florian Weimer a écrit :
* Jason A. Donenfeld via Libc-alpha:
The performance numbers suggest that we benefit from buffering in user
space.
The question is whether it's safe and advisable to buffer this way in
userspace. Does userspace have the right information now of when to
discard the buffer and get a new one? I suspect it does not.
Not completely, no, but we can cover many cases. I do not currently see
a way around that if we want to promote arc4random_uniform(limit) as a
replacement for random() % limit.
+1
That the reason I've reviewed the implementation positively: for me
arc4random is not about generating secret keys but small integers.
I want to be able to divert developers from
srand(time(NULL))
identifier = rand() % 33
to
identifier = arc4random_uniform(33)
Safe, fast, and reasonably secure.
Regards.
--
Yann Droneaud
OPTEYA
