apurtell commented on a change in pull request #4118:
URL: https://github.com/apache/hbase/pull/4118#discussion_r821000353
##########
File path: hbase-common/src/main/java/org/apache/hadoop/hbase/util/Bytes.java
##########
@@ -2358,7 +2360,7 @@ public static void zero(byte[] b, int offset, int length)
{
Arrays.fill(b, offset, offset + length, (byte) 0);
}
- private static final SecureRandom RNG = new SecureRandom();
+ private static final Random RNG = new Random();
Review comment:
Thanks for pointing this out @Apache9 . I think becasue we did not
advertise the security of the underlying RNG on Bytes#random (like in javadoc)
we are safe here. There should not be an assumption. The new Bytes#secureRandom
does imply the underlying RNG is SecureRandom. I think this is an improvement.
I will also update the javadoc of these methods to clarify.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@hbase.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
