I think it has to do with how much random input the salt is expecting. 
I'd have to do some research to be sure, though.

Anyone?

In Horde_Auth::getSalt(), we always use an MD5 hash as the basis for 
the salt, unless a seed is specified. What I don't get is, why we 
sometimes hash mt_rand() directly, and sometimes 2 or 3 calls to 
mt_rand(), converted to hex strings?

This seems like the correct thing to do.

Any opinions how to generate more random keys best? I tend to simply 
use Horde_Support_Randomid everywhere. We can always improve that in a 
single place if necessary then.

It could theoretically be used for information leakage if another 
application or host is using the same temp directory. But like I said, 
this is really picky.

These have nothing to do with security AFAIK - they are simply 
intended to create non-colliding identifiers.

The question is, what else to we use (additionally?) as a secret or 
source of randomness? /dev/urandom is not available on all systems. 
Our pre-generated secret_key doesn't change.
In Horde_Support we use:
- php_uname('n') or ip address (not random, only to avoid collisions)
- uniqid() (with the more-entropy parameter a good candidate)
- zend_thread_id()/getmypid() (short)
- microtime() (predictable)

Horde_Oauth and Horde_Token use microtime() resp. time() for Nonces.

This needs to applied to:
Horde_Auth::getSalt(), genRandomPassword() (salt and password generation)
Horde_ActiveSync_State_Base::generatePolicyKey()
Horde_Secret::setKey()
Shout::genDeviceAuth()

And probably to share and object ids and resources too, since they 
could be used to share hidden shares/objects through a secret url:
Horde_Core_Imsp_Utils::synchShares()
Kronolith_Resource::addResource()
Turba_Driver::_makeKey()

I'm unsure about:
Kolab_Storage

Only if being anal for:
Horde_Form_Type_image::getRandomId()
Horde_Util::createTempDir()
Gollem_Api::setSelectlist()

I can confirm the imp/mimp calls are fine.

These are the calls in HEAD that are potentially of concern. Most 
likely not all of them are; these are the ones I wasn't able to filter 
out without looking at context.

Shouldn't use mt_rand on its own to generate a key for a password 
reset or a new password or anything else that could be exploited:

http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/