Skip to Content [alt-c]

Andrew Ayer


LibreSSL's PRNG is Unsafe on Linux [Update: LibreSSL fork fix]

Comment by Reader Antoine

This comment is owned by whoever posted it. I am not responsible for it in any way.

"""It can do better than OpenSSL by killing the process instead of returning an easily-ignored error code."""

Hello? Seriously?? Please, this is not the 1980s anymore. Killing a process on error is a major PITA to anyone writing library code, or bindings for higher-level languages (which usually have a proper exception propagation mechanism, meaning you can't ignore an error return by mistake, you know).

Frankly, anyone who thinks that "killing a process" is a legitimate response for non-catastrophic failures should be banned from writing anything else than throwaway scripts and enterprise frameworks.

| Posted on 2014-07-16 at 00:18:00 UTC by Reader Antoine | Reply to This

Post a Reply

Your comment will be public. If you would like to contact me privately, please email me. Please keep your comment on-topic, polite, and comprehensible. Use the "Preview" button to make sure your comment is properly formatted. Name and email address are optional. If you specify an email address it will be kept confidential.

Post Comment

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with ">" are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim.
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.