Hi Leigh, On Wed, Jun 15, 2016 at 1:46 AM, Leigh <lei...@gmail.com> wrote: > > The issues I want to bring up for discussion are. > > * Replacing mt_rand() and rand() to a strong, modern RNG. > * Alternatively, fixing the current mt_rand() implementation to make it > standard > * Aliasing rand() to mt_rand() to improve output and cross-platform support > * Fixing RAND_RANGE for large ranges. > * Replacing insecure uses of php_rand() with php_random_bytes() > * Making the array_rand() algorithm more efficient > > The RFC can be found here: https://wiki.php.net/rfc/rng_fixes
+1 in general. There should be a way to produce compatible random sequences for compatibility for reasonable periods, 5+ years at least. IMHO. INI switch for this is required. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
