[wp-trac] [WordPress Trac] #28633: Generate better random numbers
WordPress Trac
noreply at wordpress.org
Fri Feb 13 02:27:10 UTC 2015
#28633: Generate better random numbers
-------------------------------------+------------------------------
Reporter: sarciszewski | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: trunk
Severity: major | Resolution:
Keywords: needs-testing has-patch | Focuses:
-------------------------------------+------------------------------
Comment (by jeremyfelt):
Replying to [comment:27 sarciszewski]:
> If we expose an insecure method as "very random", it may lead to bad
habits propagating into the next generation.
>
> I learned how to use MySQL from PHP by reading the source code in nulled
copies of Invision Power Board circa 2002.
Absolutely. Improved documentation to clarify code is always good. The
"very random" in this case is—or I read it as— tongue in cheek in the
context of the surrounding code, though it could be updated.
The `md5()` approach itself doesn't really need to be made more complex as
security is not a factor here.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28633#comment:28>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list