Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-25659

InputStreamSecureRandom should open the urandom device file descriptor once at the start

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Duplicate
    • Icon: Major - P3 Major - P3
    • None
    • None
    • Security
    • None
    • Server Security

    Description

      The current approach is to use and toss out the secure random source after
      essentially one use. That means three syscalls are required for every generated number, including an expensive file open.

      Opening urandom once at startup, will help to find out early if there
      is a problem with the device permissions or descriptor limits, and could quit early with a better diagnostic message.

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            ricardo.lorenzo Ricardo Lorenzo
            Votes:
            4 Vote for this issue
            Watchers:
            14 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: