[concurrency-interest] ThreadLocalRandom clinit troubles (original) (raw)
Oleksandr Otenko oleksandr.otenko at oracle.com
Mon Jul 14 15🔞40 UTC 2014
- Previous message: ThreadLocalRandom clinit troubles
- Next message: [concurrency-interest] ThreadLocalRandom clinit troubles
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Can someone summarize what happened?
SecureRandom used to get entropy from /dev/random, which is configurable through a policy file to /dev/urandom. Has this changed?
Alex
On 12/07/2014 00:33, Martin Buchholz wrote:
Thanks to Peter for digging into the secure seed generator classes and coming up with a patch. Openjdk security folks, please review. I confess to getting lost whenever I try to orient myself in the twisty maze of seed generator implementation files.
Anyways, it seems important to have prngs like ThreadLocalRandom be able to get a few bits of seed entropy without loading hundreds of classes and without occupying any file descriptors permanently. Perhaps at Google we will go back to writing some simple non-portable startup code to read /dev/urandom until openjdk security team comes up with a more principled solution (but one that doesn't drag in too much machinery).
Concurrency-interest mailing list Concurrency-interest at cs.oswego.edu http://cs.oswego.edu/mailman/listinfo/concurrency-interest
- Previous message: ThreadLocalRandom clinit troubles
- Next message: [concurrency-interest] ThreadLocalRandom clinit troubles
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]