From: azet@... Date: 2016-06-15T12:03:08+00:00 Subject: [ruby-core:76033] [Ruby trunk Bug#9569] SecureRandom should try /dev/urandom first Issue #9569 has been updated by Aaron Zauner. @Shouhei Urabe: FYI; this is exactly what Scott did: https://github.com/openssl/openssl/issues/898 and they're working on it. If you currently use OpenSSL with an old release (e.g. you run a legacy RedHat or CentOS system because some application or vendor requirements [e.g. prominent closed-source databases] depends on it) and you want to use Ruby on that as well, `SecureRandom` is -- as Scott points out -- `InsecureRandom`. I've audited Tony's `Sysrandom` and it's a sound solution and wrapper for `SecureRandom`. I urge the Ruby team to look into it. A few years back Ruby was exploitable exactly because of the OpenSSL RNG, remember the fix from Martin Bosslet back then? https://emboss.github.io/blog/2013/08/21/openssl-prng-is-not-really-fork-safe/ ---------------------------------------- Bug #9569: SecureRandom should try /dev/urandom first https://bugs.ruby-lang.org/issues/9569#change-59234 * Author: Corey Csuhta * Status: Open * Priority: Normal * Assignee: * ruby -v: * Backport: ---------------------------------------- Right now, `SecureRandom.random_bytes` tries to detect an OpenSSL to use before it tries to detect `/dev/urandom`. I think it should be the other way around. In both cases, you just need random bytes to unpack, so SecureRandom could skip the middleman (and [second point of failure](http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/)) and just talk to `/dev/urandom` directly if it's available. Is this a case of just re-ordering the two code chunks so that `/dev/urandom` is tried first? Relevant lines: https://github.com/ruby/ruby/blob/trunk/lib/securerandom.rb#L59-L90 -- https://bugs.ruby-lang.org/ Unsubscribe: