RFR 8156709: Cannot call setSeed on NativePRNG on Mac if EGD is /dev/urandom
Bradford Wetmore
bradford.wetmore at oracle.com
Tue May 10 23:55:38 UTC 2016
What a stupid bug in MacOS. You can write to /dev/random, but not
/dev/urandom.
Yosemite:
$ uname -a
Darwin smarks 14.5.0 Darwin Kernel Version 14.5.0: Tue Sep 1 21:23:09
PDT 2015; root:xnu-2782.50.1~1/RELEASE_X86_64 x86_64
(4:51:18 PM) $ ls -al /dev/*random
crw-rw-rw- 1 root wheel 11, 0 May 10 16:50 /dev/random
crw-rw-rw- 1 root wheel 11, 1 May 10 16:39 /dev/urandom
Change looks good.
Brad
On 5/10/2016 4:23 PM, Wang Weijun wrote:
> Hi All
>
> Please review the fix at
>
> http://cr.openjdk.java.net/~weijun/8156709/webrev.00/
>
> On *nix, we open EGD and write into it when setSeed() is called. We were aware of the device not openable and have been ignoring it (Note we still write to a mix random). Now it seems on a Mac is can be opened for write but not writable.
>
> See this jshell output, the exception is thrown on write().
>
> -> new FileOutputStream("/dev/urandom").write(12)
> | java.io.IOException thrown: Operation not permitted
> | at FileOutputStream.write (Native Method)
> | at FileOutputStream.write (FileOutputStream.java:291)
> | at (#17:1)
>
> Thanks
> Max
>
More information about the security-dev
mailing list