cryptographically secure due to concerns that end-users are unaware of
this and use it in situations where security depends on the strength of
the randomness generated.
I'd have been happier getting this patch in earlier in the cycle.
We'd hoped to replace the RNG, but that didn't happen in time, so this
doc update is the "better, still not good" fallback.
large or too small, then your version of Perl was probably compiled
with the wrong number of RANDBITS.)
+B<C<rand()> is not cryptographically secure. You should not rely
+on it in security-sensitive situations.> As of this writing, a
+number of third-party CPAN modules offer random number generators
+intended by their authors to be cryptographically secure,
+including: L<Math::Random::Secure>, L<Math::Random::MT::Perl>, and
+L<Math::TrulyRandom>.
+
=item read FILEHANDLE,SCALAR,LENGTH,OFFSET
X<read> X<file, read>