InputStreamSecureRandom should open the urandom device file descriptor once at the start

XMLWordPrintableJSON

    • Type: Improvement
    • Resolution: Duplicate
    • Priority: Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security
    • None
    • Server Security
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None

      The current approach is to use and toss out the secure random source after
      essentially one use. That means three syscalls are required for every generated number, including an expensive file open.

      Opening urandom once at startup, will help to find out early if there
      is a problem with the device permissions or descriptor limits, and could quit early with a better diagnostic message.

            Assignee:
            [DO NOT USE] Backlog - Security Team
            Reporter:
            Ricardo Lorenzo (Inactive)
            Votes:
            4 Vote for this issue
            Watchers:
            14 Start watching this issue

              Created:
              Updated:
              Resolved: