Issue #4579 has been updated by Motohiro KOSAKI. File ossl_rand2.patch added More paranoia patch is here. ---------------------------------------- Bug #4579: SecureRandom + OpenSSL may repeat with fork http://redmine.ruby-lang.org/issues/4579 Author: Eric Wong Status: Open Priority: Normal Assignee: Category: lib Target version: 1.9.x ruby -v: ruby 1.9.3dev (2011-04-14 trunk 31267) [x86_64-linux] This could arguably be a bug in OpenSSL or the openssl extension, but I think it's easier to fix in Ruby right now. The PRNG in OpenSSL uses the PID to seed the PRNG. Since PIDs get recycled over time on Unix systems, this means independent processes over a long time span will repeat random byte sequences. This has security implications, but fortunately very little software forks very frequently. I am not a security expert. I am using OpenSSL 0.9.8g-15+lenny11 (Debian Lenny) Attached is a script that reproduces the issue (takes a while to run). It'll output two identical lines to illustrate the issue. -- http://redmine.ruby-lang.org