[wp-trac] Re: [WordPress Trac] #6293: phpass should use uniqid(), not getmypid()

WordPress Trac wp-trac at lists.automattic.com
Wed Mar 19 04:20:42 GMT 2008


#6293: phpass should use uniqid(), not getmypid()
------------------------+---------------------------------------------------
 Reporter:  tellyworth  |        Owner:  anonymous
     Type:  defect      |       Status:  new      
 Priority:  normal      |    Milestone:  2.5      
Component:  General     |      Version:  2.5      
 Severity:  blocker     |   Resolution:           
 Keywords:  has-patch   |  
------------------------+---------------------------------------------------
Comment (by Viper007Bond):

 Oh, also:

   Warning

   Process IDs are not unique, thus they are a weak entropy source. We
 recommend against relying on pids in security-dependent contexts.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/6293#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list