From: Hiroshi Nakamura <nakahiro@...>
Date: 2011-06-16T20:10:57+09:00
Subject: [ruby-core:37166] Re: [Ruby 1.9 - Bug #4579] SecureRandom + OpenSSL may repeat with fork

On Mon, Jun 13, 2011 at 17:07, Akira Tanaka <akr@fsij.org> wrote:
> I think securerandom_opensslfree.diff is too radical for this issue.
> It may decrease working platforms.

Agreed. Your fix is nice. We should have been aware of that. Thanks.

> However concrete advantage/disadvantage between OpenSSL and /dev/urandom is interesting.
> (portability, randomness quality, performance, ...)

On Linux, /dev/urandom seems to return the values which are
"theoretically vulnerable to a cryptographic attack on the algorithms
used by the driver" (from man page). I thought it returns shorter bytes
than expected. I was wrong.

And using /dev/urandom every time consumes too much of the entropy that
the OS has, so /dev/random users would not like it. We should avoid using
/dev/urandom every time on the env w/o OpenSSL in the future.

Regards,
// NaHi