Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:94445 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 8038 invoked from network); 9 Jul 2016 09:10:16 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 9 Jul 2016 09:10:16 -0000 Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.218.44 as permitted sender) X-PHP-List-Original-Sender: pierre.php@gmail.com X-Host-Fingerprint: 209.85.218.44 mail-oi0-f44.google.com Received: from [209.85.218.44] ([209.85.218.44:36289] helo=mail-oi0-f44.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 39/BA-18622-77FB0875 for ; Sat, 09 Jul 2016 05:10:15 -0400 Received: by mail-oi0-f44.google.com with SMTP id f189so89384241oig.3 for ; Sat, 09 Jul 2016 02:10:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=Uw0mZCnUM+Iux2MHA7XVO973hya9n2cLaEdX/z6feng=; b=KqMHJ/I4+IrGCN/i5BQR60b85eLDvX0spzUFtHvheL9LiKRzIDpcm4Hjb+RMDsbRk7 eIqd2O/9ocpVa6IhHmawaWyXYtoKp9AA+aw89nFw4ztmcsVJhq0iQAVXOQL4LjsS6u4p V6ut34QbBOUNxJG26jDdwSeYk5mO0IXxqtFkYwv2EZTE8qTZceuwFHGVGDV6hvaKpM8X R00HADDcW2kZ/LyZ+AhBSSJkcZsvxKiULCGVhd3/UYE5oNMdicBLa+g4vkMwTUAKS/hw VXJStP3bNX6kLBnWxtNw9jG7xCHwTrPDeGyZcqTO4mtOCiW9LOg8nvbuh1d5TySecO2B R7kg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=Uw0mZCnUM+Iux2MHA7XVO973hya9n2cLaEdX/z6feng=; b=aG/SrXQ625RIf5YEIoWkDXI8TNi/V9C2ePbnYnjjX3ba6cs6Hkp/G8oRhI7Z1DMywN M24xrVL7BSfdpJCEwQUEtBbjSLf9Obwt09133+aY8p6X1bJb/xHkzvIdZ41QkVC6UPbi jaqPSB+56inyuXAxMXw+H64RtGk4xBXzHbuR04vKy50tTeEsKqb6tNwY578NYM7Tcs3n iMFcK0uQSCrZq+DX+fmsbwyRSLJieYUzF4R3Hz9823WB4qxypsjMSnvog0+iez8gnPWg 02Ar9cwH27yZm7j/jC7Pq8+Q/WvPDu+KbDm5gP7otedmyCII2OVSajp1u1JSbYnlkr9R qChg== X-Gm-Message-State: ALyK8tLWSz0Slez7KyMAR6F1mf5Qket0LQiQeQ9KntHmn0kypP99W1sRBvNG23xlkHmhrNSB2xhhZPnZSKlUmg== MIME-Version: 1.0 X-Received: by 10.202.223.132 with SMTP id w126mr5330081oig.20.1468055412508; Sat, 09 Jul 2016 02:10:12 -0700 (PDT) Received: by 10.202.190.3 with HTTP; Sat, 9 Jul 2016 02:10:11 -0700 (PDT) Received: by 10.202.190.3 with HTTP; Sat, 9 Jul 2016 02:10:11 -0700 (PDT) In-Reply-To: References: Date: Sat, 9 Jul 2016 16:10:11 +0700 Message-ID: To: Leigh Cc: PHP internals Content-Type: multipart/alternative; boundary=001a113d40be5f8ffb053730494f Subject: Re: [PHP-DEV] [RFC][VOTE] RNG fixes From: pierre.php@gmail.com (Pierre Joye) --001a113d40be5f8ffb053730494f Content-Type: text/plain; charset=UTF-8 On Jul 9, 2016 4:05 PM, "Leigh" wrote: > > On Sat, 9 Jul 2016 at 09:49 Pierre Joye wrote: >> >> >> I am sorry but this PR possibly breaks BC and cases have been clearly explained how and why. Asking to show production code publically is not something that you should request. >> >> I can write a sample app to show you how but given the explanations many gave already.... > > > Just to be clear, you voted no to one BC break, but yes to other BC breaks. I don't know how you pick which ones are acceptable, and which are not. > > Summary BC breaks you voted for: > > * No to changing the output of mt_rand after calling mt_srand with a given seed (when not specifying a min/max) > * Yes to changing the output of mt_rand after calling mt_srand with a given seed (when specifying a min/max) > * Yes to changing the output of rand, shuffle, str_shuffle and array_rand > > Do you see why this looks weird to me? Yes and my mistake, did it too quick. The main issue remains and is not addressed. I may simply move on and all no as I do not see big benefits as of now to change it, especially not as I see many still thinking that change makes php uses more secure ;) --001a113d40be5f8ffb053730494f--