In the session section of PHP.ini
there is a directive called session.entropy_length
.
I'm aware that it's used to make the generation of the session id
more random.
How does it do that?
What is the maximum length?
What if it's exceeding the bits of the hash
in use?
session.entropy_length specifies the number of bytes which will be read from the file specified above. Defaults to 0 (disabled).
The "file mentioned above" is session.entropy_file
'entropy' for sessions is related to the randomness of session id values
来源:https://stackoverflow.com/questions/34966472/what-does-session-entropy-length-in-php-ini-do