Re: gen_random_uuid security not explicit in documentation

Michael Paquier <michael.paquier@gmail.com>

From: Michael Paquier <michael.paquier@gmail.com>
To: Heikki Linnakangas <hlinnaka@iki.fi>
Cc: rightfold@gmail.com, pgsql-docs@postgresql.org
Date: 2017-06-23T01:23:36Z
Lists: pgsql-hackers, pgsql-docs
On Fri, Jun 23, 2017 at 3:02 AM, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
> I'm inclined to change gen_random_uuid() to throw an error if the server is
> built with --disable-strong-random, like gen_random_bytes() does. That way,
> they would behave the same.

No objections to do that. I guess you don't need a patch. As this is
new to 10, I have added an open item.

> Thoughts?

There is this comment in pgcrypto.c with a typo:
     * Generate random bits. pg_backend_random() will do here, we don't promis
s/promis/promise/.
-- 
Michael


Commits

  1. Forbid gen_random_uuid() with --disable-strong-random