This manual page says:
Note: As of PHP 5.4.0 session.entropy_file defaults to /dev/urandom or /dev/arandom if it is available. In PHP 5.3.0 this directive is left empty by default.
So, what's /dev/arandom and how does it differ from /dev/[u]random?
This page does a reasonable job explaining what the device is:
More information about the underlying technique is available from Wikipedia.
From here, it appears as though arandom will guarantee that sufficient entropy is present before returning the amount of data requested. It also appears to be limited to OpenBSD implementations.

urandom will return the amount of data requested no matter whether there is enough entropy, which obviously could introduce a vulnerability if there is not enough.
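To make the manual's fallback concrete, here is an added example (not from the PHP manual or from either post above) that probes for the two devices in the order the note lists them, reads the number of bytes session.entropy_length would ask for, and checks that the device actually returned that many bytes. The candidate order, the 32-byte request and the hex rendering are assumptions for illustration; on Linux the script resolves to /dev/urandom because /dev/arandom only exists on OpenBSD. Note that session.entropy_file and session.entropy_length were removed in PHP 7.1.0, where the session ID is drawn from the CSPRNG directly, so this matters for 5.4 through 7.0.

```shell
#!/bin/sh
# Added example: emulate how PHP 5.4's session.entropy_file default
# picks an entropy device and reads from it. Not PHP's own code.

# Candidate devices in the order the manual lists them (assumption:
# /dev/urandom first, /dev/arandom as the OpenBSD fallback).
ENTROPY_CANDIDATES="/dev/urandom /dev/arandom"

# Print the first candidate that exists as a readable character device.
# Returns 1 if none is available, which is the PHP 5.3 "left empty" case.
pick_entropy_file() {
    for dev in $ENTROPY_CANDIDATES; do
        if [ -c "$dev" ] && [ -r "$dev" ]; then
            printf '%s\n' "$dev"
            return 0
        fi
    done
    return 1
}

# Read N bytes (the session.entropy_length request) from the chosen
# device and print them as lowercase hex with no trailing newline.
# dd with bs=1 is used so that exactly N bytes are read even on a
# device that could short-read.
read_entropy() {
    n="$1"
    dev="$(pick_entropy_file)" || { echo "no entropy device found" >&2; return 1; }
    dd if="$dev" bs=1 count="$n" 2>/dev/null | od -An -tx1 -v | tr -d ' \n'
}

# Succeeds only if the device returned the full N bytes (2 hex chars each).
# A device that blocks or short-reads would fail this check instead of
# silently feeding the session ID less entropy than configured.
entropy_ok() {
    n="$1"
    hex="$(read_entropy "$n")" || return 1
    [ "${#hex}" -eq $((n * 2)) ]
}

main() {
    dev="$(pick_entropy_file)" || { echo "session.entropy_file would stay empty" >&2; exit 1; }
    echo "session.entropy_file would resolve to: $dev"
    echo "32 bytes of entropy (assumed session.entropy_length): $(read_entropy 32)"
    entropy_ok 32 && echo "device returned the requested byte count"
}

main "$@"
```

Run it on Linux and it reports /dev/urandom; on OpenBSD, where /dev/urandom also exists, it will still report /dev/urandom, which is why the manual's "or /dev/arandom" fallback is rarely exercised in practice.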