Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-25659

InputStreamSecureRandom should open the urandom device file descriptor once at the start

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major - P3
    • Resolution: Duplicate
    • None
    • None
    • Security
    • None
    • Security

    Description

      The current approach is to use and toss out the secure random source after
      essentially one use. That means three syscalls are required for every generated number, including an expensive file open.

      Opening urandom once at startup, will help to find out early if there
      is a problem with the device permissions or descriptor limits, and could quit early with a better diagnostic message.

      Attachments

        Issue Links

          Activity

            People

              backlog-server-security Backlog - Security Team
              ricardo.lorenzo Ricardo Lorenzo
              Votes:
              4 Vote for this issue
              Watchers:
              14 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: