Bug 7169 - Current configuration of /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.60.x86_64/jre/lib/security/java.security file won't allow users normally run TokenConverter for RSA tokens on ROSA Linux
: Current configuration of /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.60.x86_64/jre/...
Status: CONFIRMED
Product: Desktop Bugs
Classification: ROSA Desktop
Component: Main Packages
: Fresh
: x86_64 Linux
: Normal normal
: ---
Assigned To: ROSA Linux Bugs
: ROSA Linux Bugs
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-06-30 16:35 MSD by Svyatoslav Vorona
Modified: 2016-07-02 08:17 MSD (History)
1 user (show)

See Also:
RPM Package: java-1.8.0-openjdk-headless-1.8.0.60-1.b16-rosa2014.1.x86_64
ISO-related:
Bad POT generating:
Upstream:


Attachments
TokenConverter guide see page 13 at the bottom (323.93 KB, application/pdf)
2016-06-30 16:35 MSD, Svyatoslav Vorona
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Svyatoslav Vorona 2016-06-30 16:35:22 MSD
Created attachment 4490 [details]
TokenConverter guide see page 13 at the bottom

Description of problem: There is a requirement in RSA SecurID ® Software Token Converter 3.1 Administrator’s Guide document regarding Red Hat Linux systems regarding java.security file:

Prerequisite for Using Red Hat Linux
To ensure that the Token Converter will run on Red Hat Linux, you must update the java.security file.

1. Open the $JAVA_HOME/jre/lib/security/java.security (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.60.x86_64/jre/lib/security/java.security in our case) file in a text editor.

2. Change the line:

securerandom.source=file:/dev/./random
to
securerandom.source=file:/dev/./urandom

3. Save the change and exit the text editor.

Why it's no implemented in ROSA Fresh and is it possible to change this packaged file in repository package? Is it security hole or not? With this edit users will receive ability to use tokenconverter on ROSA with comfort and without manual edit of this file. Since ROSA Linux and Mandriva Linux took a lot from Red Hat and rpm based distros this one take place too, and user need to manually edit this file in order to use tokenconverter in Linux to handle RSA token ID files.


Version-Release number of selected component (if applicable): java-1.8.0-openjdk-headless-1.8.0.60-1.b16-rosa2014.1.x86_64 rpm package, same for 32 bit arch too.


How reproducible: In procedure of getting RSA token code for token installation on phone or PC with TokenConverter.jar file.


Steps to Reproduce:
1. Run tokenconverter to convert RSA token like this: 
$ java -jar TokenConverter.jar token_file.sdtid -android -p token_passwd
2. Got instant delay for a while and finally fail to convert token
3. Edit file /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.60.x86_64/jre/lib/security/java.security as it's done in RSA token converter guide.
4. Got tokenconverter working