Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:94125 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 35334 invoked from network); 19 Jun 2016 16:27:46 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 19 Jun 2016 16:27:46 -0000 Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.218.51 as permitted sender) X-PHP-List-Original-Sender: pierre.php@gmail.com X-Host-Fingerprint: 209.85.218.51 mail-oi0-f51.google.com Received: from [209.85.218.51] ([209.85.218.51:33892] helo=mail-oi0-f51.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id AB/DC-18862-108C6675 for ; Sun, 19 Jun 2016 12:27:46 -0400 Received: by mail-oi0-f51.google.com with SMTP id d132so180359930oig.1 for ; Sun, 19 Jun 2016 09:27:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=I4Lb48YMEa7rZft/wLtwL2QlcuRuHPEV+qkqNLE8t4Q=; b=AKABusFu5GDojGeH7oN1pCajUUBI7B8Kj9s5piVP2RCPFXvjMzjm/e4tx4fDYMBcJJ 2BVpjPLRWZcw4C9Oqyw0OkGT+LA6KxXwAjny2/4+4309AelJr6P/L1vAH6EDwP2fFY0B TVPKBg5o9qFYSM819scNsEDKOJPhWceQCjXOE69/T6yO78NQfKOR8YJY5n7QcUw549EQ WFc+qA0L+foa58sbywMECK6G0xZqT1m/tVYaG4b8kesvNzCh6vu7bqDsjs9dlYjw7IV4 rgmAPi8NCf2k8WzjHSArpiFe1z2lqM94BtVmdsxafGrA1SMEgGv6yWxLqeXJ+ai0UoCg wOOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=I4Lb48YMEa7rZft/wLtwL2QlcuRuHPEV+qkqNLE8t4Q=; b=bBKd0FdMaf4HSiga9bcipYKcYfeIhMh4MbTLvTsArD1qXcA9MhfkIVL6NcadI9iCT+ rPwqAtMgU+uQw9USrjhvOGAlz97eDiuQahdP/ditbTlx1LP6y+OENT2z1lmS3LBIas7s BC9Swbp6SvMWUgzd6nR0YaRsyi4z8PwHA5qkIYT6zCAxYV6MfzwZ+IKGUyw3y64BgV3H Z/9/qqqPYe5pfql4C1F3yMhp/D38ftBX5eG9jzKyQIM9blGC0xd28fjIWWV0MVvWkLqV 81NZ8pB2JzWf7MfHHKvXJ8O2FJkWxvZjB+BGWebOzbtkKInr94q6+fqAWfLsrh8g0dPH bY9g== X-Gm-Message-State: ALyK8tKN9Jg3gtg95YZRZUlZ8neLjp2FiRUNBRCPrEhIvkjZYBFN+bWeyglFlHqMV43v1se7QV99iqgETvJ5qg== MIME-Version: 1.0 X-Received: by 10.157.61.74 with SMTP id a68mr929699otc.107.1466353663224; Sun, 19 Jun 2016 09:27:43 -0700 (PDT) Received: by 10.202.108.197 with HTTP; Sun, 19 Jun 2016 09:27:42 -0700 (PDT) Received: by 10.202.108.197 with HTTP; Sun, 19 Jun 2016 09:27:42 -0700 (PDT) In-Reply-To: References: <1ee34970-76f4-e6c6-df1e-a827e3fc592d@fleshgrinder.com> <25bb59bb-d9ac-5ab3-f0bb-d80e6b3fe745@fleshgrinder.com> <55ceae84-5e24-96b4-bb0f-bd8c71c057ef@fleshgrinder.com> <6d6c121e-bdd4-c6d8-b376-71ba25455a30@fleshgrinder.com> <1726fd34-8c3c-0af8-ab97-630cbbf13772@fleshgrinder.com> <49fb7830-b186-523a-696c-39e251738bdb@fleshgrinder.com> Date: Sun, 19 Jun 2016 23:27:42 +0700 Message-ID: To: PHP internals Cc: Christoph Becker , Niklas Keller Content-Type: multipart/alternative; boundary=001a11c0003836355a0535a411c8 Subject: Re: [PHP-DEV] [RFC] RNG fixes From: pierre.php@gmail.com (Pierre Joye) --001a11c0003836355a0535a411c8 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Jun 19, 2016 10:50 PM, "Fleshgrinder" wrote: > > On 6/17/2016 7:18 PM, Christoph Becker wrote: > > Consequently, we should remove rot13() as well, see > > . And we shouldn't stop there as > > include(_once), require(_once), file_get_contents() and readfile() bear > > the risk of file inclusion vulnerabilities =E2=80=A6 ;) > > > > In my opinion, our job when designing the language and the core > > libraries is not to avoid (or remove) features that can be used to > > produce insecure software, but rather to offer additional features that > > make it easier to produce secure software, and to document potential > > issues and hint at better alternatives. random_*() is such an addition= , > > and I don't see an urgent need to get rid of (mt_)rand(). > > > > Reminds me of https://github.com/rust-lang/rust/issues/32670 > > Again, our (mt_)rand() functions are not portable, not standards > compliant, slow, outdated, and dangerous for crypto. There was not a > single argument why we should keep them. I think I gave you plenty of valid usage of MT rand or rand in some extends. And the argument about them being dangerous for crypto is the same for any other functions. And right, this argument is invalid. We do not remove cars from the street because there cars accident. But we educate and prevent them. In this case it is about educations (doc, blog posts and all the palette of developers evangelism or whatever "spreading a msg" is called these days). I would appreciate that you understand our arguments. You can disagree but cannot deny them. > Fixing =3D BC --001a11c0003836355a0535a411c8--