[wp-trac] [WordPress Trac] #28633: Generate better random numbers

WordPress Trac noreply at wordpress.org
Fri Feb 13 02:18:28 UTC 2015


#28633: Generate better random numbers
-------------------------------------+------------------------------
 Reporter:  sarciszewski             |       Owner:
     Type:  enhancement              |      Status:  new
 Priority:  normal                   |   Milestone:  Awaiting Review
Component:  Security                 |     Version:  trunk
 Severity:  major                    |  Resolution:
 Keywords:  needs-testing has-patch  |     Focuses:
-------------------------------------+------------------------------

Comment (by sarciszewski):

 > We can leave it out of any improvements.

 I disagree strongly for one simple reason: Some developers can and will
 refer to the WordPress core as a source of authority and inspiration. If
 we expose an insecure method as "very random", it may lead to bad habits
 propagating into the next generation.

 I learned how to use MySQL from PHP by reading the source code in nulled
 copies of Invision Power Board circa 2002.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/28633#comment:27>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list