[SERVER-25659] InputStreamSecureRandom should open the urandom device file descriptor once at the start - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major - P3
Resolution: Duplicate
Affects Version/s: None
Fix Version/s: None
Component/s: Security
Labels:
None

Assigned Teams:

Security
Case:

Description

The current approach is to use and toss out the secure random source after
essentially one use. That means three syscalls are required for every generated number, including an expensive file open.

Opening urandom once at startup, will help to find out early if there
is a problem with the device permissions or descriptor limits, and could quit early with a better diagnostic message.

Attachments

Issue Links

is duplicated by

SERVER-26995 mongos crashed with cannot open /dev/urandom Too many open files

Closed

SERVER-43641 platform/random.h causing bugs, upgrade overdue

Closed

SERVER-51803 Please backport SERVER-43641

Closed

is related to

SERVER-28001 Mongodb Crashed with the Got signal: 6 (Aborted)

Closed

links to

SF-424829

Activity

People

Assignee:: Backlog - Security Team

Reporter:: Ricardo Lorenzo

Participants:: Andrew Morrow, Backlog - Security Team, birdylee_cn, Ricardo Lorenzo, Spencer Jackson

Votes:: 4 Vote for this issue

Watchers:: 14 Start watching this issue

Dates

Created:: Aug 17 2016 08:31:13 AM UTC

Updated:: Dec 06 2022 04:18:55 AM UTC

Resolved:: Nov 02 2020 08:24:47 PM UTC