Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-25659

InputStreamSecureRandom should open the urandom device file descriptor once at the start

    • Type: Icon: Improvement Improvement
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security
    • None
    • Server Security

      The current approach is to use and toss out the secure random source after
      essentially one use. That means three syscalls are required for every generated number, including an expensive file open.

      Opening urandom once at startup, will help to find out early if there
      is a problem with the device permissions or descriptor limits, and could quit early with a better diagnostic message.

            Assignee:
            backlog-server-security [DO NOT USE] Backlog - Security Team
            Reporter:
            ricardo.lorenzo Ricardo Lorenzo
            Votes:
            4 Vote for this issue
            Watchers:
            14 Start watching this issue

              Created:
              Updated:
              Resolved: