Re: The Axe list

From Magnus Hagander
Subject Re: The Axe list
Date
Msg-id 48F23830.3090000@hagander.net
In reply to Re: The Axe list  (Gregory Stark <stark@enterprisedb.com>)
List pgsql-hackers
Gregory Stark wrote:
> Magnus Hagander <magnus@hagander.net> writes:
> 
>> D'Arcy J.M. Cain wrote:
>>> On Sun, 12 Oct 2008 12:57:58 +0300
>>> "Marko Kreen" <markokr@gmail.com> wrote:
>>>> On 10/11/08, D'Arcy J.M. Cain <darcy@druid.net> wrote:
>>>>>  +   if (!random_initialized)
>>>>>  +   {
>>>>>  +       srandom((unsigned int) time(NULL));
>>>>>  +       random_initialized = true;
>>>>>  +   }
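Review bot: `srandom((unsigned int) time(NULL))` seeds the generator from a clock with one-second resolution, so every backend that reaches this branch in the same second draws the identical sequence from `random()` and therefore the identical salts, and it also throws away whatever seed the server had already established (the reply below notes that postgres already calls `srandom()`), replacing it with one an attacker can enumerate from the creation time. If the guard is only there to avoid a never-seeded generator, drop the reseed and rely on the existing one; if a fresh seed is genuinely needed, take it from a real entropy source rather than `time(NULL)`.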
>>>> This is bad idea, postgres already does srandom()
>>> Is that new?  I added that to my local version at one time because I
>>> was getting the same salt every time I ran it.
>> You really should not be using the standard random() function to generate
>> salts... You need a more secure one.
> 
> Do salts have to be secure at all? I thought they just had to be widely
> distributed so that you couldn't use a dictionary attack. The traditional way
> to pick crypt salts for /etc/passwd was to use the first two letters of the
> username after all.

Gah. I blame (jet|beer)lag. You're right, of course. Salts just need to
be distributed, because you usually store them along with the encrypted
password after all.

Now it can be argued that random() just isn't distributed enough for
even that - using the userid is usually guaranteed to be distributed
since it's the primary key...

/me pulls bag back over head.

//Magnus
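An added illustration of the distribution point above, written for this page and not code from pgcrypto or from anyone in the thread: it mirrors the quoted patch's pattern (seed `random()` from `time(NULL)`, then draw crypt-style salt characters) and simulates many backends minting a salt in the same second, then does the same with bytes from /dev/urandom. The 64-character crypt(3) salt alphabet, the 16-character salt length, the use of /dev/urandom as the entropy source and the "one reseed per simulated process" model are all assumptions of the example; it goes beyond the thread by counting collisions across a batch rather than comparing two salts.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

/* crypt(3)-style salt alphabet: 64 symbols, so masking a byte with 63
 * selects a character without modulo bias. Assumed here, not pgcrypto's. */
static const char salt_chars[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Mirrors the quoted patch: seed random() from the wall clock (one-second
 * resolution), then draw salt characters from it. 'now' is a parameter so a
 * caller can simulate several backends started in the same second.
 * Hypothetical helper, not pgcrypto's code. */
void salt_from_time_seeded_random(char *out, size_t n, time_t now)
{
    srandom((unsigned int) now);
    for (size_t i = 0; i < n; i++)
        out[i] = salt_chars[random() % 64];
    out[n] = '\0';
}

/* Same salt shape, but the bytes come from the kernel CSPRNG via
 * /dev/urandom (assumed available). Returns 0 on success, -1 on failure. */
int salt_from_urandom(char *out, size_t n)
{
    unsigned char buf[64];
    if (n > sizeof buf)
        return -1;
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return -1;
    size_t got = 0;
    while (got < n) {
        ssize_t r = read(fd, buf + got, n - got);
        if (r <= 0) {
            close(fd);
            return -1;
        }
        got += (size_t) r;
    }
    close(fd);
    for (size_t i = 0; i < n; i++)
        out[i] = salt_chars[buf[i] & 63];
    out[n] = '\0';
    return 0;
}

/* Simulate 'count' independent processes each minting one salt of length 'n'
 * during the same second and return how many salts repeat an earlier one.
 * Each simulated process reseeds, as a freshly forked backend would. With the
 * time-seeded generator every process produces the same string; with
 * /dev/urandom repeats are astronomically unlikely for n = 16.
 * Returns (size_t)-1 on bad arguments or if /dev/urandom is unavailable. */
size_t colliding_salts(int use_urandom, size_t count, size_t n, time_t now)
{
    char salts[256][17];            /* bounds: count <= 256, n <= 16 */
    if (count > 256 || n > 16)
        return (size_t) -1;
    size_t collisions = 0;
    for (size_t i = 0; i < count; i++) {
        if (use_urandom) {
            if (salt_from_urandom(salts[i], n) != 0)
                return (size_t) -1;
        } else {
            salt_from_time_seeded_random(salts[i], n, now);
        }
        for (size_t j = 0; j < i; j++) {
            if (strcmp(salts[i], salts[j]) == 0) {
                collisions++;
                break;
            }
        }
    }
    return collisions;
}

int main(void)
{
    time_t now = time(NULL);
    printf("time-seeded random(), 100 processes in one second: %zu collisions\n",
           colliding_salts(0, 100, 16, now));
    printf("/dev/urandom,         100 processes in one second: %zu collisions\n",
           colliding_salts(1, 100, 16, now));
    return 0;
}
```

The salt is not secret, so the weakness is not that an attacker can recover it; it is that every account created in the same second shares one salt, which is exactly the per-user distribution a salt is supposed to provide. Reusing the server's existing seed, or drawing salt bytes from the kernel's entropy pool as the second helper does, keeps salts distinct across backends.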

