Robert Haas <robertmh...@gmail.com> writes: > Yeah, random() is the wrong thing. It should use PostmasterRandom(). > Fixed to do that instead.
I am not very happy about this patch; have you considered the security implications of what you just did? If you haven't, I'll tell you: you just made the postmaster's selection of "random" cancel keys and password salts a lot more predictable. Formerly, the srandom() seed for those depended on both the postmaster start time and the time of the first connection request, but this change removes the first connection request from the equation. If you know the postmaster start time --- which we will happily tell any asker --- it will not take too many trials to find the seed that's in use. I'd be the first to agree that this point is inadequately documented in the code, but PostmasterRandom should be reserved for its existing security-related uses, not exposed to the world for (ahem) random other uses. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers