Don't *ever* use /dev/random as a session entropy file,
because session_handler will hang for a *long* time after
open(). This configuration will be *the* overkill:
<?php
ini_set("session.entropy_file",
"/dev/random");
ini_set("session.entropy_length",
"512");
?>
Use /dev/urandom instead. The reason for this is (from
Wikipedia):
A counterpart to /dev/random is /dev/urandom
("unlimited" random source) which reuses the
internal pool to produce more pseudo-random bits. This means
that the call will not block, but the output may contain
less entropy than the corresponding read from /dev/random.
We spent 2 days on figuring this out. You have been warned.
----
Server IP: 217.20.138.73
Probable Submitter: 195.228.228.82
----
Manual Page -- http://www.php.net/manual/en/function.session-start.php
Edit -- https://master
.php.net/note/edit/78394
Del: integrated -- h
ttps://master.php.net/note/delete/78394/integrated
Del: useless -- http
s://master.php.net/note/delete/78394/useless
Del: bad code -- htt
ps://master.php.net/note/delete/78394/bad+code
Del: spam -- https:/
/master.php.net/note/delete/78394/spam
Del: non-english --
https://master.php.net/note/delete/78394/non-english
Del: in docs -- http
s://master.php.net/note/delete/78394/in+docs
Del: other reasons-- https://mast
er.php.net/note/delete/78394
Reject -- https://mast
er.php.net/note/reject/78394
Search -- https://
master.php.net/manage/user-notes.php
--
PHP Notes Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub
.php
|