Issue #9569 has been updated by Shyouhei Urabe.


Aaron Zauner wrote:
> FYI; this is exactly what Scott did back in March: https://github.com/openssl/openssl/issues/898 and they're working on it.

I wasn't aware that Scott is the one who opened that ticket.  Thank you for pointing this out.

So he is (at least trying to) make the world better.  I'd like to appreciate him about it.

Now, there are several choices proposed:

- Use OS-provided random device (OP's choice)
- Use OpenSSL (current choice)
- Use libsodium (Tony's choice)
- Make a tailored library to provide arc4random (Yui's choice)

Everyone advocates their advantages.  Maybe "OpenSSL should die" can be the only thing everyone agree?  Several also seem to agree that Linux kernel devs are toxic, but then I don't understand why they think it's OK to continue using it (but not OpenSSL).  It would make sense if people propose Ruby to drop Linux support and move to OpenBSD but ...

----------------------------------------
Bug #9569: SecureRandom should try /dev/urandom first
https://bugs.ruby-lang.org/issues/9569#change-59246

* Author: Corey Csuhta
* Status: Open
* Priority: Normal
* Assignee: 
* ruby -v: 
* Backport: 
----------------------------------------
Right now, `SecureRandom.random_bytes` tries to detect an OpenSSL to use before it tries to detect `/dev/urandom`. I think it should be the other way around. In both cases, you just need random bytes to unpack, so SecureRandom could skip the middleman (and [second point of failure](http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/)) and just talk to `/dev/urandom` directly if it's available.

Is this a case of just re-ordering the two code chunks so that `/dev/urandom` is tried first?

Relevant lines: https://github.com/ruby/ruby/blob/trunk/lib/securerandom.rb#L59-L90



-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>