On 2022-06-08, Liliana Marie Prikler wrote: > Am Montag, dem 06.06.2022 um 18:49 -0700 schrieb Vagrant Cascadian: >> p.s. Obviously, I picked the best random number. > I beg to differ. >> +-RandomPrime: RandomPrime.c >> +- $(CC) -O3 -o RandomPrime RandomPrime.c >> +- >> +-DwRandPrime.h: RandomPrime >> +- if [ -e /dev/urandom ] ; then ./RandomPrime > DwRandPrime.h ; >> fi >> ++DwRandPrime.h: >> ++ echo '#define MUL_CONSTANT 1238145941' > DwRandPrime.h > This does not satisfy requirement #221: chosen by a fair dice roll. > Randomness can therefore not be guaranteed.
I will admit to "Obviously, I picked the best random number." as a joke. Hard-coding any supposedly random number seems awfully wrong to me! This is a not particularly great patch to make it compile reproducibly, on the *assumption* that number will not actually be used in practice, because it *supposed* to only be used when /dev/urandom is not available. I would love to see better patches that make fewer assumptions! FWIW, This is effectively the same embedded random number used in the Debian patch, although the maradns packaging in Debian basically comes to the same result by copying files around rather than patching them directly. live well, vagrant
signature.asc
Description: PGP signature
