Posted to issues@ozone.apache.org by GitBox <gi...@apache.org> on 2022/05/01 14:59:59 UTC

[GitHub] [ozone] adoroszlai opened a new pull request, #3374: HDDS-6678. Use secure random in production code

adoroszlai opened a new pull request, #3374:
URL: https://github.com/apache/ozone/pull/3374

   ## What changes were proposed in this pull request?
   
   Use secure random number generator where necessary in production code.  Suppress RNG-related warning in other places.
   
   https://issues.apache.org/jira/browse/HDDS-6678
   
   ## How was this patch tested?
   
   Regular CI:
   https://github.com/adoroszlai/hadoop-ozone/actions/runs/2253298700


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org


[GitHub] [ozone] kerneltime commented on pull request #3374: HDDS-6678. Use secure random in production code

Posted by GitBox <gi...@apache.org>.
kerneltime commented on PR #3374:
URL: https://github.com/apache/ozone/pull/3374#issuecomment-1115282387

   Also, which exact check in our build tests for this?




[GitHub] [ozone] adoroszlai commented on pull request #3374: HDDS-6678. Use secure random in production code

Posted by GitBox <gi...@apache.org>.
adoroszlai commented on PR #3374:
URL: https://github.com/apache/ozone/pull/3374#issuecomment-1115289547

   > Also, which exact check in our build tests for this?
   
   [Sonar](https://sonarcloud.io/project/overview?id=hadoop-ozone).  It's not part of the PR checks, but is updated for each change post-commit.  I was looking for code coverage of EC when I noticed this.




[GitHub] [ozone] adoroszlai commented on pull request #3374: HDDS-6678. Use secure random in production code

Posted by GitBox <gi...@apache.org>.
adoroszlai commented on PR #3374:
URL: https://github.com/apache/ozone/pull/3374#issuecomment-1116273040

   @ayushtkn I think addressing these Sonar warnings on a best effort basis is fine.  Suppression is only added to avoid having to check warnings for the same parts of code over and over.




[GitHub] [ozone] adoroszlai commented on pull request #3374: HDDS-6678. Use secure random in production code

Posted by GitBox <gi...@apache.org>.
adoroszlai commented on PR #3374:
URL: https://github.com/apache/ozone/pull/3374#issuecomment-1122488831

   Thanks @ayushtkn and @kerneltime for the review.




[GitHub] [ozone] kerneltime commented on pull request #3374: HDDS-6678. Use secure random in production code

Posted by GitBox <gi...@apache.org>.
kerneltime commented on PR #3374:
URL: https://github.com/apache/ozone/pull/3374#issuecomment-1115281870

   The places where we override seem safe. Any thoughts about using `SecureRandom.getInstanceStrong()` (Ref: https://tersesystems.com/blog/2015/12/17/the-right-way-to-use-securerandom/)




[GitHub] [ozone] adoroszlai merged pull request #3374: HDDS-6678. Use secure random in production code

Posted by GitBox <gi...@apache.org>.
adoroszlai merged PR #3374:
URL: https://github.com/apache/ozone/pull/3374
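
Added example, not code from the PR or from Ozone: the split the pull request description draws (secure RNG where the value must be unpredictable, a suppressed warning where it need not be), together with the `SecureRandom.getInstanceStrong()` option raised in review. Class and method names are hypothetical, and the Sonar rule key `java:S2245` is an assumption, since the thread does not name the rule.

```java
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.List;
import java.util.concurrent.ThreadLocalRandom;

public class RandomChoiceExample {

  // One shared instance: SecureRandom is thread-safe and seeds itself from
  // the platform's default entropy source on first use.
  private static final SecureRandom SECURE = new SecureRandom();

  /** Security-sensitive: the value must be unpredictable to an observer. */
  static String newSecretToken() {
    byte[] buf = new byte[32]; // 256 bits of output
    SECURE.nextBytes(buf);
    return Base64.getUrlEncoder().withoutPadding().encodeToString(buf);
  }

  /** Not security-sensitive: spreading load needs no unpredictability. */
  @SuppressWarnings("java:S2245") // assumed rule key; no secret is derived here
  static <T> T pickAny(List<T> candidates) {
    int i = ThreadLocalRandom.current().nextInt(candidates.size());
    return candidates.get(i);
  }

  /**
   * getInstanceStrong() selects the algorithm configured in the
   * securerandom.strongAlgorithms security property, which may read from a
   * blocking source. Reserve it for rare, long-lived secrets, off hot paths.
   */
  static byte[] newLongLivedKeyMaterial() throws NoSuchAlgorithmException {
    byte[] key = new byte[32];
    SecureRandom.getInstanceStrong().nextBytes(key);
    return key;
  }

  public static void main(String[] args) throws NoSuchAlgorithmException {
    // Constructed sample input: three placeholder node names.
    List<String> nodes = List.of("node-a", "node-b", "node-c");
    System.out.println("token chars: " + newSecretToken().length());
    System.out.println("picked: " + pickAny(nodes));
    System.out.println("key bytes: " + newLongLivedKeyMaterial().length);
  }
}
```

Keeping the suppression on the smallest scope (one method, with the reason in a comment) leaves the reviewed decision next to the code it covers, so the same warning does not have to be re-triaged later.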

