Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:89054 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 78154 invoked from network); 3 Nov 2015 17:39:28 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 3 Nov 2015 17:39:28 -0000 Authentication-Results: pb1.pair.com smtp.mail=sammyk@sammykmedia.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=sammyk@sammykmedia.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain sammykmedia.com designates 209.85.212.178 as permitted sender) X-PHP-List-Original-Sender: sammyk@sammykmedia.com X-Host-Fingerprint: 209.85.212.178 mail-wi0-f178.google.com Received: from [209.85.212.178] ([209.85.212.178:35134] helo=mail-wi0-f178.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 4D/B6-13519-C41F8365 for ; Tue, 03 Nov 2015 12:39:25 -0500 Received: by wicll6 with SMTP id ll6so74563064wic.0 for ; Tue, 03 Nov 2015 09:39:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sammykmedia_com.20150623.gappssmtp.com; s=20150623; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=FUfSocHdfgUhoilRTWtFfX+dEiEGQok83PpsFKDvo7Y=; b=CRLZ6EGIL+l/9IGpTxHmNvgCyS4J533KRSRcFRtT8SNgVQdnofNhxW5Cb0+vQT8zk0 5J4VEOX3vHAJ9BEMRZ4yEHBx6r0DAfQQ5Rt097b+HFj4uTSHxHz02P4uDZn6GORf2FwQ G4Lwo3IUecslMmJm+VJd1m8HGeEwkW88vDjELDNUdBiVvIJdzS2h/svwLeHZ5CQtcioe s+sThCYkWt4qjH0CiBSFJX7q4weKjZ4ksTJ3qa/XAfdSISv4L8EkZ/SM+DeC3DWshvGM TKu3aAYQzjruVle8240e1lveSr1LMs8ENC0DlacyKMN/OdqDztUjfu5x7mO7hgHP6NKY R3+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=FUfSocHdfgUhoilRTWtFfX+dEiEGQok83PpsFKDvo7Y=; b=X4Gb2jv4IZbq35Z4FJprsXMIOmxiFYHtk8k63Hmwe8ybrNnSVB2eHRm0xo6LubZ3p1 2NaLIvNTmUk7k7FyCwaH7SE7EjWxcb12RcMm4g2hDvdTJLc9xW5PS38qotKi6kES0BiN AnegIbQmfsIIVNUdYPzBPdE667uKV84/JD11+Cvggn1cL3YSpjEddhu8Rn+OZltoULrO xw8/J1tICq7hY77QUfI31IKy+FcPuGYedQCX6tuTXUdNeNwD8rry0vfRi510Bvth4VAj 5UpledpKRSZeSRBhiRPJAhjWCR1cSXkQpvJxp75Ykf5eG8dcMxdZ0rXm8OvUz+52190w O46A== X-Gm-Message-State: ALoCoQmpWf1x8tv/3Dp/6z9CR2JoKut2+QgNMqT1CXVhdtK659FJEnAUAKYNurmYfJvrN2T8WeKG MIME-Version: 1.0 X-Received: by 10.194.23.199 with SMTP id o7mr4665262wjf.80.1446572362066; Tue, 03 Nov 2015 09:39:22 -0800 (PST) Sender: sammyk@sammykmedia.com Received: by 10.194.79.70 with HTTP; Tue, 3 Nov 2015 09:39:22 -0800 (PST) X-Originating-IP: [4.16.36.59] In-Reply-To: References: <563638C6.3010304@thefsb.org> Date: Tue, 3 Nov 2015 11:39:22 -0600 X-Google-Sender-Auth: zI_5LU4Qg7fpkcorytLddSp2JQ4 Message-ID: To: Tom Worster Cc: Leigh , PHP Internals Content-Type: multipart/alternative; boundary=047d7b4724e0c885420523a65f7a Subject: Re: [PHP-DEV] Re: Make sessions use php_random_bytes in 7.1 From: me@sammyk.me (Sammy Kaye Powers) --047d7b4724e0c885420523a65f7a Content-Type: text/plain; charset=UTF-8 On Sun, Nov 1, 2015 at 2:02 PM, Tom Worster wrote: > On 11/1/15, 12:40 PM, "Leigh" wrote: > > >On 1 November 2015 at 16:07, Tom Worster wrote: > > > > > >I don't have one. > > > >But if I may ask, I'm curious, as always: What happens in the case that > >php_random_bytes() fails? > > > >Tom > > > > > >That's a good point. > > > >session_start() would throw the exception generated by php_random_bytes() > >letting you know your system is incapable of generating high quality > >random numbers. > > I think that's entirely satisfactory. > > > > >However this is a serious issue in it's own right, the APIs used (and the > >way they are used) really only fail if the underlying environment is > >fubar. > > Agreed. > > Tom > > > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > I'm very much +1 on this and willing to help if you need some extra hands. :) --047d7b4724e0c885420523a65f7a--