Warning: getmypid() has been disabled for security reasons in drupal_random_bytes() (line 4193 of /includes/common.inc)

CommentFileSizeAuthor
#2 drupal_random_bytes.patch1.05 KBjbrown
PASSED: [[SimpleTest]]: [MySQL] 19,019 pass(es). View
#1 common.inc_.04042010.patch496 bytessudhirporwal
PASSED: [[SimpleTest]]: [MySQL] 19,031 pass(es). View
Members fund testing for the Drupal project. Drupal Association Learn more

Comments

sudhirporwal’s picture

Status: Active » Needs review
FileSize
496 bytes
PASSED: [[SimpleTest]]: [MySQL] 19,031 pass(es). View

This warning occurs on many webhosts (especially free ones).

On inspecting the code, I found out the getmypid() is only being used for getting a random number for $random_state variable.

So, this getmypid() call can easily be replaced by a mt_rand() call which will cause the warning to disappear.

I am attaching a patch which fixes this warning.

jbrown’s picture

FileSize
1.05 KB
PASSED: [[SimpleTest]]: [MySQL] 19,019 pass(es). View

It isn't necessary for $random_state to be seeded - mt_rand() is seeded automatically internally.

pwolanin’s picture

supplying a different fix at: http://drupal.org/node/723802#comment-2807690

jbrown’s picture

Status: Needs review » Closed (duplicate)