From a75d13c63a118ab501affe6fb0baab1d692a3df9 Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Sun, 8 Dec 2019 19:01:06 +0100
Subject: Add note about the unsuitabilty of math.random() for crypto.

---
 doc/extensions.html | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'doc')

diff --git a/doc/extensions.html b/doc/extensions.html
index fa412e0e..9da38359 100644
--- a/doc/extensions.html
+++ b/doc/extensions.html
@@ -212,6 +212,10 @@ for every call. The result is uniformly distributed between 0.0 and 1.0.
 It's correctly scaled up and rounded for <tt>math.random(n&nbsp;[,m])</tt> to
 preserve uniformity.
 </p>
+<p>
+Important: Neither this nor any other PRNG based on the simplistic
+<tt>math.random()</tt> API is suitable for cryptographic use.
+</p>
 
 <h3 id="io"><tt>io.*</tt> functions handle 64&nbsp;bit file offsets</h3>
 <p>
-- 
cgit v1.2.1