Bug 1016361 - securerandom.source value in $JAVA_HOME/jre/lib/security/java.security is incorrect
securerandom.source value in $JAVA_HOME/jre/lib/security/java.security is inc...
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: java-1.6.0-sun (Show other bugs)
x86_64 Linux
low Severity low
: rc
: ---
Assigned To: jiri vanek
BaseOS QE - Apps
Depends On:
  Show dependency treegraph
Reported: 2013-10-07 23:07 EDT by August Simonelli
Modified: 2014-05-06 18:00 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-05-06 18:00:35 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description August Simonelli 2013-10-07 23:07:12 EDT
Description of problem:

The value set for securerandom.source in  $JAVA_HOME/jre/lib/security/java.security is /dev/urandom but for some reason java sees this as /dev/random and jvm startup times are slow when they rely on this. Instead it should be /dev/./urandom

Version-Release number of selected component (if applicable):

How reproducible:

Run an app with the default settings that relies on this file.

Steps to Reproduce:
1. Install Sun Java RPM or OpenJDK RPM
2. Run app utilizing securerandom.source 

Actual results:

Startup times are very slow while /dev/random sorts out randomness.

Expected results:

/dev/urandom is used and startup times are fast.

Additional info:


Comment 1 August Simonelli 2013-10-07 23:08:19 EDT
As a workaround


can be set, but it seems the intention of using /de/urandom is to avoid this problem and therefor should be /dev/./urandom
Comment 3 RHEL Product and Program Management 2013-10-13 19:03:09 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.
Comment 5 Deepak Bhole 2014-05-06 18:00:35 EDT
The provided bug link in the original comment no longer works. However this has been brought up before. urandom does not provide as strong an initial seed as urandom and is therefore intentionally not the default:


Closing as WONTFIX.

Note You need to log in before you can comment on or make changes to this bug.