[kaffe] CVS kaffe (guilhem): Fixlet for Security

Guilhem Lavaux guilhem at kaffe.org
Mon Aug 15 13:20:34 PDT 2005


On Mon, 2005-08-15 at 20:34 +0200, mag wrote:
> Hi!
> 
> I guess a warning about not finding good random source would
> be suitable here. It would be a pity to appear on bugtraq because
> this.
>
> Or did I misunderstood something?

I may print a warning on LameRandomness construction which is the
default constructor in the case UnixRandomness is not available. The
default implementation uses java.util.Random which is obviously of less
quality than urandom. However this may confuse some application which
would not expect this message. So I suggest to have a "quiet" property
to be able to shut it down just in case.

Regards,

Guilhem.

> 
> 2005-08-15, h keltezéssel 08.44-kor Kaffe CVS ezt írta:
> > PatchSet 6830 
> > Date: 2005/08/15 15:36:08
> > Author: guilhem
> > Branch: HEAD
> > Tag: (none) 
> > Log:
> > Fixlet for Security
> > 
> > 2005-08-15  Guilhem Lavaux  <guilhem at kaffe.org>
> > 
> >         * libraries/javalib/kaffe/security/providers/SHA1PRNG.java
> >         (<clinit>): Catch any remaining exception. This fixes a problem with
> >         SecureRandomTest not finding /dev/urandom on some system.
> 
> 
> _______________________________________________
> kaffe mailing list
> kaffe at kaffe.org
> http://kaffe.org/cgi-bin/mailman/listinfo/kaffe





More information about the kaffe mailing list