Skip to content

Commit fdbbfbf

Browse files
robrwothibaultduponchelle
authored andcommitted
Simplify the recommended alternatives to rand()
The CPAN Security Group (CPANSec) is currently working on guides to generating security-quality random data [1]. We are focusing on modules that have secure defaults and are fairly lightweight. We would like to change the recommended modules to ones that we think are better options. Crypt::URandom is portable, has fewer prerequisites than Crypt::Random, Math::Random::Secure or Data::Entropy, and works with Windows. Crypt::PRNG has secure defaults and methods for generating different kinds of random data. Math::TrulyRandom hasn't been updated since 1996, and is a solution intended for systems without something like /dev/random. Data::Entropy had a security issue that was recently fixed, and the latest version is marked as deprecated. [1] https://security.metacpan.org/docs/guides/random-data-for-security.html
1 parent d6f09a8 commit fdbbfbf

File tree

1 file changed

+2
-6
lines changed

1 file changed

+2
-6
lines changed

pod/perlfunc.pod

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6691,13 +6691,9 @@ including:
66916691

66926692
=over
66936693

6694-
=item * L<Data::Entropy>
6694+
=item * L<Crypt::URandom>
66956695

6696-
=item * L<Crypt::Random>
6697-
6698-
=item * L<Math::Random::Secure>
6699-
6700-
=item * L<Math::TrulyRandom>
6696+
=item * L<Crypt::PRNG>
67016697

67026698
=back
67036699

0 commit comments

Comments
 (0)