Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:92016
Return-Path: <t.carnage@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 1987 invoked from network); 30 Mar 2016 09:31:49 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 30 Mar 2016 09:31:49 -0000
Authentication-Results: pb1.pair.com header.from=t.carnage@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=t.carnage@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.182 as permitted sender)
X-PHP-List-Original-Sender: t.carnage@gmail.com
X-Host-Fingerprint: 209.85.217.182 mail-lb0-f182.google.com  
Received: from [209.85.217.182] ([209.85.217.182:33260] helo=mail-lb0-f182.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 09/A2-24137-40D9BF65 for <internals@lists.php.net>; Wed, 30 Mar 2016 04:31:49 -0500
Received: by mail-lb0-f182.google.com with SMTP id u8so27790734lbk.0
        for <internals@lists.php.net>; Wed, 30 Mar 2016 02:31:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc;
        bh=eiLVHL4Lez3NO1t4TO8xONvOCO1gokquTvpsdGuUv/Y=;
        b=aG04XpHkVVqsi6e14lxcaJZbins8fyOUxY7uabRNQTZjXgJZH7V+fv6zXeNJFw5dqN
         I7ZZ8eC7bTk+mFxptJgBsq8jI/07K1XFxeQ51SKyTgs4gF4jLgLR0Ff59Eg2dLp7vLFx
         XmC/FexxfsUeoofEZV74GwMX4j4U8Ct9rFSYisMAVSEZDaeVJEiiax2kAFTDJurDHMkl
         fJed4dIf0OEDCkK4GVnB6JbYB0F8B0cVeNlJOvpEmFoW9QuFtU4SsoiiPvFgboVRBTod
         SG273lfUFCCIGG7R5pO6U3llOpx7lMFeg/jTTJZGw92m/BVMj0ZS8xB1n5yAzhXZ3DzW
         hXew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:in-reply-to:references:date
         :message-id:subject:from:to:cc;
        bh=eiLVHL4Lez3NO1t4TO8xONvOCO1gokquTvpsdGuUv/Y=;
        b=MM86DUl8TgjdxLHivqZjZTueERtYiqSUXKGLId/lr8xSYzyJ0nsM90CFEKT3dZ82Ln
         NainSNwo8oZXXNi1M/k+7q1gn/getAavflpCl+UGexqAEitPX0Wt2ulJvF6vLWM/og8I
         nvLHH9lCrW6HoNG9RAzlptF3JQBcFdqdC43OzzEoPiHxzm2US2G0rK3IqlVnc8xDOlW3
         LPUb+fEtwzb/LJns248YaklmWHR6uClEC95zRtWYwjSb0Xk1owLJFPTpLU+se+GKDw2y
         rfyW1uyM1bUFBQ0GAG4Gjdqo9fujqhuPCYBmr3ajuiO7gd3/VSV44k77BNZL749FIijv
         mWOA==
X-Gm-Message-State: AD7BkJKly0v/41AEP2gJo9NtJo8Dy/wRt7sgC64e2p80VNjAGVbD9S5grFS41bwgWc15Bl610jozKxyxt/MoEg==
MIME-Version: 1.0
X-Received: by 10.112.62.165 with SMTP id z5mr2810712lbr.89.1459330306087;
 Wed, 30 Mar 2016 02:31:46 -0700 (PDT)
Received: by 10.112.0.200 with HTTP; Wed, 30 Mar 2016 02:31:46 -0700 (PDT)
In-Reply-To: <CAEKnhAGA57nbN3WTYyYo0=1VpKPE=omLK4i+qNcd6fn49DfkEg@mail.gmail.com>
References: <D3200402.6CBF2%fsb@thefsb.org>
	<CAEKnhAGA57nbN3WTYyYo0=1VpKPE=omLK4i+qNcd6fn49DfkEg@mail.gmail.com>
Date: Wed, 30 Mar 2016 10:31:46 +0100
Message-ID: <CABHuAWzx4E=ftv7p0VFtUkcBhQMBXRDR+xXV38jyjO35AWTUCw@mail.gmail.com>
To: Jakub Zelenka <bukka@php.net>
Cc: Tom Worster <fsb@thefsb.org>, php-internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a11c3e7fc8120fc052f40d08d
Subject: Re: [PHP-DEV] #71915 openssl_random_pseudo_bytes is not "fork-safe"
From: t.carnage@gmail.com (Chris Riley)

--001a11c3e7fc8120fc052f40d08d
Content-Type: text/plain; charset=UTF-8

On 29 March 2016 at 19:49, Jakub Zelenka <bukka@php.net> wrote:

> I have added some feedback and assigned it to myself ;)
>
> On Tue, Mar 29, 2016 at 3:05 PM, Tom Worster <fsb@thefsb.org> wrote:
>
> > mathieuk has requested feedback on a patch to mitigate this problem in
> PHP.
> >
> > https://bugs.php.net/bug.php?id=71915
> >
> > Tom
> >
> >
> >
>

Would the safest option here not just be upon fork, reseed the RNG from
/dev/urandom ?

--001a11c3e7fc8120fc052f40d08d--