[concurrency-interest] ThreadLocalRandom clinit troubles

Oleksandr Otenko oleksandr.otenko at oracle.com
Mon Jul 14 11:18:40 EDT 2014


Can someone summarize what happened?

SecureRandom used to get entropy from /dev/random, which is configurable 
through a policy file to /dev/urandom. Has this changed?

Alex

On 12/07/2014 00:33, Martin Buchholz wrote:
> Thanks to Peter for digging into the secure seed generator classes and 
> coming up with a patch.  Openjdk security folks, please review.  I 
> confess to getting lost whenever I try to orient myself in the twisty 
> maze of seed generator implementation files.
>
> Anyways, it seems important to have prngs like ThreadLocalRandom be 
> able to get a few bits of seed entropy without loading hundreds of 
> classes and without occupying any file descriptors permanently. 
>  Perhaps at Google we will go back to writing some simple non-portable 
> startup code to read /dev/urandom until openjdk security team comes up 
> with a more principled solution (but one that doesn't drag in too much 
> machinery).
>
>
> _______________________________________________
> Concurrency-interest mailing list
> Concurrency-interest at cs.oswego.edu
> http://cs.oswego.edu/mailman/listinfo/concurrency-interest

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs.oswego.edu/pipermail/concurrency-interest/attachments/20140714/de7b81e0/attachment.html>


More information about the Concurrency-interest mailing list