HiveBrain v1.2.0
Get Started
← Back to all entries
patternsqlMinor

Detect if `pg_crypto` in Postgres was built with strong random feature enabled

Submitted by: @import:stackexchange-dba··
0
Viewed 0 times
randombuiltenabledpostgreswithpg_cryptostrongwasdetectfeature

Problem

The source code for pg_crypto module mentions an option to build without cryptographically-strong random generation.

/*

-
Generate random bits. pg_backend_random() will do here, we don't promis

-
UUIDs to be cryptographically random, when built with

-
--disable-strong-random.

*/

Discussed further in this thread.

In the particular build I may be using, how can I detect if the strong random feature is enable or disabled?

Solution

--disable-strong-random is a PostgreSQL configuration option available in the ./configure script in the source code. You could check to see if your version of PostgreSQL and the associated contrib modules were built with it by using pg_config --configure and looking to see if that particular flag was passed in as part of the config process. Though as it says in the thread that was linked, no reasonable production platform would use that flag, so odds are that you've got a cryptographically random build.

Context

StackExchange Database Administrators Q#177462, answer score: 2

Revisions (0)

No revisions yet.