From abb4f2a765a08e7ef2935bb94ea44d07e1e68bfd Mon Sep 17 00:00:00 2001 From: "Paul J. Davis" Date: Thu, 19 Aug 2010 19:01:16 -0400 Subject: [PATCH] Reseed the random number generator after fork(). MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Web applications use random numbers for things like sessions, if we don't reseed then each worker will generate the same sequence of random numbers which can lead to security concerns. Thanks to Jonas Borgström for the patch. --- THANKS | 2 ++ gunicorn/workers/base.py | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/THANKS b/THANKS index 3b9fa666..30498a6c 100644 --- a/THANKS +++ b/THANKS @@ -13,3 +13,5 @@ Chris Dent Matt Good Randall Leeds thomasst +Jonas Borgström + diff --git a/gunicorn/workers/base.py b/gunicorn/workers/base.py index cf2d52d4..e87f2939 100644 --- a/gunicorn/workers/base.py +++ b/gunicorn/workers/base.py @@ -6,6 +6,7 @@ import logging import os +import random import signal import sys import tempfile @@ -82,6 +83,9 @@ class Worker(object): """ util.set_owner_process(self.cfg.uid, self.cfg.gid) + # Reseed the random number generator + random.seed() + # For waking ourselves up self.PIPE = os.pipe() map(util.set_non_blocking, self.PIPE)
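Review bot: The comment above the added `random.seed()` in the `gunicorn/workers/base.py` hunk says what the line does but not why it has to run in the worker after fork(), and it can leave a reader believing `random` is now adequate for session identifiers. Reseeding only stops forked workers from inheriting the parent's generator state and emitting identical sequences; the stdlib generator is still not a CSPRNG, so applications should draw tokens from `os.urandom` or `random.SystemRandom`. I would reword the comment to `# fork() copies the parent's PRNG state; reseed so workers diverge (not a CSPRNG: use os.urandom for secrets)`. Only the stdlib `random` module is covered by this call; PRNG state held by other libraries loaded before the fork is presumably left shared, which may deserve a note in the docs. The enclosing method starts above the hunk and continues below it, so the placement relative to application loading cannot be checked from here.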