Project

General

Profile

Actions

Bug #9569

closed

SecureRandom should try /dev/urandom first

Added by cjcsuhta (Corey Csuhta) over 10 years ago. Updated almost 8 years ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
Backport:
[ruby-core:61094]

Description

Right now, SecureRandom.random_bytes tries to detect an OpenSSL to use before it tries to detect /dev/urandom. I think it should be the other way around. In both cases, you just need random bytes to unpack, so SecureRandom could skip the middleman (and second point of failure) and just talk to /dev/urandom directly if it's available.

Is this a case of just re-ordering the two code chunks so that /dev/urandom is tried first?

Relevant lines: https://github.com/ruby/ruby/blob/trunk/lib/securerandom.rb#L59-L90


Related issues 4 (0 open4 closed)

Related to Ruby master - Bug #13885: Random.urandom と securerandom についてClosedActions
Related to Ruby master - Bug #14716: SecureRandom throwing an error in Ruby 2.5.1ClosedActions
Related to Ruby master - Bug #15039: Random.urandom and SecureRandom arc4random useClosedActions
Related to Ruby master - Misc #17319: Rename Random.urandom to os_random and document random data sourcesRejectedActions
Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0