|Perl: the Markov chain saw|
Re: What is the truth about srand()?by doc_faustroll (Scribe)
|on Mar 29, 2006 at 15:46 UTC||Need Help??|
call srand when you want a seed which is not /dev/urandom.
What exactly are you using this for? if crypto, put care and thought into it.
from my docs on srand:
Note that you need something much more random than the default seed for cryptographic purposes. Checksumming the compressed output of one or more rapidly changing operating system status programs is the usual method. For example: srand (time ^ $$ ^ unpack "%L*", ‘ps axww │ gzip‘); If you’re particularly concerned with this, see the "Math::Tru lyRandom" module in CPAN.
also, what is your version of Perl? I can't speak for your version but here is a relevant passage from mine. v5.8.5
Most programs won’t even call srand() at all, except those that need a cryptographically-strong starting point rather than the generally acceptable default, which is based on time of day, process ID, and memory allocation, or the /dev/urandom device, if available.