improved thread safety?

David Collier-Brown davecb at
Mon Jan 21 12:41:30 GMT 2008

Andrew Bartlett wrote:
> On Sat, 2008-01-19 at 14:46 -0500, David Collier-Brown wrote:
>>>Jelmer Vernooij wrote:
>>>>>    random
>>>>>    srandom
>>>>I'm not sure what to do about these. Are there any better alternatives?
>>     	Sun says "Newer and better performing random number generators such as
>>     	addrans() and lcrans() are available" but they're older, solaris-only
>>	ones. Mac has arc4random(3), and so on...
>>	I suspect you may need to research portable random number routines,
>>	as used on multiple platforms by folks like Open SSH
> The use of random() in Samba4 is numerous, but unimportant.  It is used
> extensively in the smbtorture suite (where setting the random seed with
> srandom(), to obtain a reproducable run, is useful).  
> It is not used in any location where cryptographicly secure random data
> is desirable. 
> We have a arcfour based PRNG we seed with /dev/urandom at startup, and I
> only found 1 place where we actually wanted really, really secret
> (rather than just non-repeating) random numbers in Samba's core code
> (heimdal has it's own routines). 
> Andrew Bartlett

Ok, fixed, then!


David Collier-Brown            | Always do right. This will gratify
Sun Microsystems, Toronto      | some people and astonish the rest
davecb at                 |                      -- Mark Twain
(800) 555-9786 x56583 cell: (647) 833-9377 home off: (416) 223-5943 

More information about the samba-technical mailing list