From: David MENTRE <dmentre@linux-france.org>
To: Gerd Stolpmann <info@gerd-stolpmann.de>
Cc: Xavier Leroy <Xavier.Leroy@inria.fr>, caml-list@inria.fr
Subject: Re: [Caml-list] Hashtbl and security
Date: Mon, 2 Jan 2012 10:34:31 +0100 [thread overview]
Message-ID: <CAC3Lx=ZZtc2ogqxP3ibVdLxWQzeveZET_JguSb6WfFhNYDxbeg@mail.gmail.com> (raw)
In-Reply-To: <1325451843.5036.165.camel@samsung>
Hello,
2012/1/1 Gerd Stolpmann <info@gerd-stolpmann.de>:
> Am Sonntag, den 01.01.2012, 18:29 +0100 schrieb Xavier Leroy:
>> On 01/01/2012 01:52 PM, Richard W.M. Jones wrote:
[...]
>> > It may be worth noting that Perl solved this problem (back in 2003) by
>> > unconditionally using a seed which is a global set to a random number
>> > during interpreter initialization.
>>
>> That's how my initial reimplementation of Hashtbl worked, using the
>> Random module to produce seeds, but I was told (correctly) that in
>> security-sensitive applications it's better to leave the generation of
>> random numbers under control of the programmer. For some applications
>> Random.self_init might be good enough and for others stronger
>> randomness is needed.
>>
>> Of course, you can trivially emulate Perl's behavior using the new
>> Hashtbl implementation + the Random module.
[...]
> Nevertheless, Ocaml is now widely used in environments where
> a certain minimum of security is demanded, and I think Ocaml should
> provide this minimum at least, and use it for things like an
> automatically chosen seed for hash tables.
I share Gerd's opinion that OCaml should provide a "reasonable
default", even if this default my not be enough for applications that
need a strong security.
Another "solution" would be to flag this API as a potential security
issue in the documentation and/or provide a compiler warning to emit a
warning if Hashtbl is used without proper initialization.
Best regards,
david
next prev parent reply other threads:[~2012-01-02 9:35 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-30 16:44 Gerd Stolpmann
2011-12-30 16:48 ` Yaron Minsky
2011-12-30 19:01 ` David Allsopp
2011-12-30 20:52 ` Yaron Minsky
2011-12-30 21:54 ` Gerd Stolpmann
2011-12-30 17:06 ` Xavier Leroy
2011-12-30 21:16 ` Gerd Stolpmann
2011-12-31 0:57 ` oliver
2011-12-31 0:59 ` oliver
2012-01-01 12:52 ` Richard W.M. Jones
2012-01-01 17:29 ` Xavier Leroy
2012-01-01 21:04 ` Gerd Stolpmann
2012-01-01 23:24 ` oliver
2012-01-01 23:58 ` Gerd Stolpmann
2012-01-02 1:43 ` oliver
2012-01-04 17:56 ` Damien Doligez
2012-01-04 21:52 ` oliver
2012-01-02 9:34 ` David MENTRE [this message]
2012-01-30 10:54 ` Goswin von Brederlow
2011-12-30 17:40 ` rixed
2011-12-30 17:52 ` Edgar Friendly
2011-12-31 1:02 ` oliver
2011-12-31 0:33 ` oliver
2012-01-02 0:21 ` Shawn Wagner
2012-01-02 14:52 ` Gerd Stolpmann
2012-01-30 10:51 ` Goswin von Brederlow
2012-01-31 14:16 ` Gerd Stolpmann
2012-02-08 9:41 ` Goswin von Brederlow
2012-02-08 10:43 ` Philippe Wang
2012-02-08 10:46 ` AUGER Cédric
2012-02-09 13:22 ` Goswin von Brederlow
2012-02-09 14:48 ` Gerd Stolpmann
2012-02-08 11:12 ` Gerd Stolpmann
2012-02-09 13:11 ` Goswin von Brederlow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAC3Lx=ZZtc2ogqxP3ibVdLxWQzeveZET_JguSb6WfFhNYDxbeg@mail.gmail.com' \
--to=dmentre@linux-france.org \
--cc=Xavier.Leroy@inria.fr \
--cc=caml-list@inria.fr \
--cc=info@gerd-stolpmann.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox