From: merch-redmine@... Date: 2016-05-04T02:21:14+00:00 Subject: [ruby-core:75344] [Ruby trunk Bug#9569] SecureRandom should try /dev/urandom first Issue #9569 has been updated by Jeremy Evans. Delan Azabani wrote: > Changing the order of `SecureRandom.gen_random` should be enough to fix this bug, but I would also suggest adding `arc4random(3)` or `getentropy(2)` to the collection of system calls tried by `fill_random_bytes_syscall`, which will mitigate file descriptor exhaustion attacks for OpenBSD users. Nothing needs to be done on OpenBSD, since SecureRandom.random_bytes uses OpenSSL::Random.random_bytes, which calls RAND_bytes(3). OpenBSD uses LibreSSL, which on OpenBSD has RAND_bytes(3) call arc4random_buf(3) which calls getentropy(2). OpenBSD's libssl already mitigates file descriptor exhaustion attacks. ---------------------------------------- Bug #9569: SecureRandom should try /dev/urandom first https://bugs.ruby-lang.org/issues/9569#change-58473 * Author: Corey Csuhta * Status: Rejected * Priority: Normal * Assignee: ruby-core * ruby -v: * Backport: ---------------------------------------- Right now, `SecureRandom.random_bytes` tries to detect an OpenSSL to use before it tries to detect `/dev/urandom`. I think it should be the other way around. In both cases, you just need random bytes to unpack, so SecureRandom could skip the middleman (and [second point of failure](http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/)) and just talk to `/dev/urandom` directly if it's available. Is this a case of just re-ordering the two code chunks so that `/dev/urandom` is tried first? Relevant lines: https://github.com/ruby/ruby/blob/trunk/lib/securerandom.rb#L59-L90 -- https://bugs.ruby-lang.org/ Unsubscribe: