Re: FIX: security/samhain

2014-03-31 Thread Shawn K. Quinn
On Mon, Mar 31, 2014, at 03:14 PM, Theo de Raadt wrote:
> > > I wondered about just doing $((RANDOM+RANDOM)) but don't know the
> > > pros and cons of that approach - it's not exactly arc4random_uniform..
> >
> > I wanted to stay in the spirit of portability. RANDOM is a ksh
> > extension and dif

Re: FIX: security/samhain

2014-03-31 Thread Theo de Raadt
> > I wondered about just doing $((RANDOM+RANDOM)) but don't know the
> > pros and cons of that approach - it's not exactly arc4random_uniform..
>
> I wanted to stay in the spirit of portability. RANDOM is a ksh
> extension and difficult to check for reliably.

Well... openssl is an extension.

Re: FIX: security/samhain

2014-03-31 Thread Theo de Raadt
> On Mon, Mar 31, 2014 at 20:19, Stuart Henderson wrote:
> > On 2014/03/31 20:58, Christian Weisgerber wrote:
> >> security/samhain has been broken since the removal of sum(1).
> >>
> >> The problem is the c_random.sh script, which returns a 16-bit random
> >> number in decimal. Unless I'm missin

Re: FIX: security/samhain

2014-03-31 Thread Christian Weisgerber
Stuart Henderson:
> I wondered about just doing $((RANDOM+RANDOM)) but don't know the
> pros and cons of that approach - it's not exactly arc4random_uniform..

I wanted to stay in the spirit of portability. RANDOM is a ksh extension and difficult to check for reliably.

-- Christian "naddy" Weis

Re: FIX: security/samhain

2014-03-31 Thread Ted Unangst
On Mon, Mar 31, 2014 at 20:19, Stuart Henderson wrote:
> On 2014/03/31 20:58, Christian Weisgerber wrote:
>> security/samhain has been broken since the removal of sum(1).
>>
>> The problem is the c_random.sh script, which returns a 16-bit random
>> number in decimal. Unless I'm missing something

Re: FIX: security/samhain

2014-03-31 Thread Stuart Henderson
On 2014/03/31 20:58, Christian Weisgerber wrote:
> security/samhain has been broken since the removal of sum(1).
>
> The problem is the c_random.sh script, which returns a 16-bit random
> number in decimal. Unless I'm missing something obvious, this is
> surprisingly difficult to do in a semi-por

FIX: security/samhain

2014-03-31 Thread Christian Weisgerber
security/samhain has been broken since the removal of sum(1).

The problem is the c_random.sh script, which returns a 16-bit random number in decimal. Unless I'm missing something obvious, this is surprisingly difficult to do in a semi-portable fashion at the shell level. I've settled on printf