Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:98120
Return-Path: <fsb@thefsb.org>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 69570 invoked from network); 2 Feb 2017 13:54:26 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 2 Feb 2017 13:54:26 -0000
Authentication-Results: pb1.pair.com smtp.mail=fsb@thefsb.org; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=fsb@thefsb.org; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain thefsb.org designates 173.203.187.75 as permitted sender)
X-PHP-List-Original-Sender: fsb@thefsb.org
X-Host-Fingerprint: 173.203.187.75 smtp75.iad3a.emailsrvr.com  
Received: from [173.203.187.75] ([173.203.187.75:42661] helo=smtp75.iad3a.emailsrvr.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 31/4B-51557-11A33985 for <internals@lists.php.net>; Thu, 02 Feb 2017 08:54:26 -0500
Received: from smtp10.relay.iad3a.emailsrvr.com (localhost [127.0.0.1])
	by smtp10.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id B84B564F0;
	Thu,  2 Feb 2017 08:54:23 -0500 (EST)
X-Auth-ID: fsb@thefsb.org
Received: by smtp10.relay.iad3a.emailsrvr.com (Authenticated sender: fsb-AT-thefsb.org) with ESMTPSA id 8188164FC;
	Thu,  2 Feb 2017 08:54:23 -0500 (EST)
X-Sender-Id: fsb@thefsb.org
Received: from [10.0.1.2] (c-66-30-62-12.hsd1.ma.comcast.net [66.30.62.12])
	(using TLSv1.2 with cipher AES256-GCM-SHA384)
	by 0.0.0.0:465 (trex/5.7.12);
	Thu, 02 Feb 2017 08:54:23 -0500
To: "Christoph M. Becker" <cmbecker69@gmx.de>,
 "Yasuo Ohgaki" <yohgaki@ohgaki.net>
Cc: "Lauri =?utf-8?q?Kentt=C3=A4?=" <lauri.kentta@gmail.com>,
 "internals@lists.php.net" <internals@lists.php.net>,
 Leigh <leight@gmail.com>, "Nikita Popov" <nikita.ppv@gmail.com>
Date: Thu, 02 Feb 2017 08:54:23 -0500
Message-ID: <F7F0A6E4-D840-429C-B3D7-83DBA6855791@thefsb.org>
In-Reply-To: <842237fd-7e2d-70b4-5e0b-754bcba1fcf8@gmx.de>
References: <0D26A03B-6BEB-4730-8E4B-0F7D6835E683@thefsb.org>
 <CAGa2bXZYStrud9MWya-680Z457T1i-a2F5u-AXtaNvkTdMEZtQ@mail.gmail.com>
 <CAGa2bXZRT2xGgL7fMkHFetjDk00w=AMmaCipVeM5Oftvd0mYAw@mail.gmail.com>
 <8991137d8dd8ba915bcacd4fbc1fe88f@gmail.com>
 <CAGa2bXYBV8cUBDXf5j2ZG6wDxDtTG1389JKNWJNi8-YT5FHupQ@mail.gmail.com>
 <CAGa2bXYw70SzxpicASH-Go5XPy4FJb2gnyuoJuYm=f3+dzB52A@mail.gmail.com>
 <CAGa2bXa97GVG-FxB-NDm4rVTKC+w8hUwFi-v0Kann_F_rEKKxA@mail.gmail.com>
 <1fa97f9f4d4c0866fb4b0f21fc68b068@gmail.com>
 <CAGa2bXakeme3h6RgqYWtJ+usJ6YwjJf7LkHaj=yVQXHWkdx+6w@mail.gmail.com>
 <842237fd-7e2d-70b4-5e0b-754bcba1fcf8@gmx.de>
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; markup=markdown
X-Mailer: MailMate (1.9.6r5319)
Subject: Re: [PHP-DEV] Improving mt_rand() seed
From: fsb@thefsb.org ("Tom Worster")

On 2 Feb 2017, at 8:24, Christoph M. Becker wrote:

> On 02.02.2017 at 12:51, Yasuo Ohgaki wrote:
>
>> Although users must never do this, but there are codes that generate 
>> random
>> password/access key by mt_rand().
>
> There is also code that stores clear text passwords.  How would you
> prevent that?
>
> IMHO, if users don't care to read the docs[1], it's their fault, and 
> we
> shouldn't waste our time to fix their bugs.
>
> [1] <http://php.net/manual/en/function.mt-rand.php>

We cannot fix these bugs without making mt_rand a CSPRNG, which means it 
is no longer mt_rand.

All we can do is mitigate the problem (to some unknowable extent) by 
seeding mt_rand from php_random_bytes. I don't care if we do this or not 
so long as the change is simple and BC, i.e. 32-bit seed that falls back 
to something else if php_random_bytes fails.

Tom