From: KOSAKI Motohiro Date: 2011-04-16T12:47:30+09:00 Subject: [ruby-core:35782] Re: [Ruby 1.9 - Bug #4579] SecureRandom + OpenSSL may repeat with fork Hi > Motohiro: I don't know you're serious or not about using pthread_atfork(), we should ask to change OpenSSL's "1 time initialization by RAND_poll() per process when using built-in MD based RPNG engine" strategy if we really want. It's ruby's spec. We already decided random seed should reinitialize per fork. void rb_thread_atfork(void) { rb_thread_atfork_internal(terminate_atfork_i); GET_THREAD()->join_list_head = 0; /* We don't want reproduce CVE-2003-0900. */ rb_reset_random_seed(); } Now, SecureRandom is insecure than normal random from fork issue. It's rather than unhappy.