Andres Freund <and...@2ndquadrant.com> writes: > On 2012-12-22 14:20:56 -0500, Tom Lane wrote: >> I believe that we'd be better off doing something in postmaster.c to >> positively ensure that each session has a distinct seed value.
> I am entirely unconvinced that adding in a gettimeofday() provides more > entropy than what openssl gathers internally after a > RAND_cleanup(). No, it doesn't provide more entropy, but what it does do is avoid draining entropy from the kernel (see my reply to Marko just now). > gettimeofday() will yield the same result in close > enough forks on a significant number of systems whereas openssl should > use stuff like /dev/urandom to initialize its PRNG after a cleanup. Well, in the first place, that doesn't matter much because the PRNG state will still change from repeated mix-ins of gettimeofday, even if we obtain the same reading successive times. In the second place, if we add it where I suggest, it would be easy to also include the child process PID in the added entropy -- we could xor it into the tv_sec value for instance -- thus further reducing the chance of identical values getting added in. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers