If you do
import java.security.SecureRandom;
class JRand {
public static void main(String args[]) throws Exception {
System.out.println("Ok: " +
SecureRandom.getInstance("SHA1PRNG").nextLong());
}
}
then SecureRandom will read from /dev/random even if securerandom.source is configured to use /dev/urandom. This is a problem if /dev/urandom was chosen because /dev/random is not working properly.
The root cause is that 4705093 assigned special meaning to the string "/dev/urandom".
Comments
Should be clearer as a result of this bug.
2013-04-12
EVALUATION
The new behavior is as intended, closing as not-a-bug. If the 1.4.2 behavior is required, use either of the workarounds listed above. Note that both workarounds work on 1.4.2 and 5.0 and exhibit the exactly same behavior.
2006-11-28
WORK AROUND
Alternatively, set securerandom.source to file:/dev/./urandom
With that setting in JDK 5.0, the behavior will be exactly the same as with file:/dev/urandom in 1.4.2.