[issue16190] Misleading warning in random module docs
New submission from Christian Heimes: The documentation [1] of the random module contains a misleading warning --- Warning: The generators of the random module should not be used for security purposes. Use ssl.RAND_bytes() if you require a cryptographically secure pseudorandom number generator. --- The warning should point users to os.urandom() and random.SystemRandom rather than ssl.RAND_bytes(). On Linux os.urandom() wraps /dev/urandom [2], on Windows it uses CryptGenRandom() [3]. Both are suitable for most cryptographic purposes except for long-lived keys (SSL, SSH, GPG certs etc.). ssl.RAND_bytes() should only be used for such long-lived data and not for salts, session ids and similar. I like to see the warning box in Python 2.7, too. It's still the default for docs.python.org. My inquiry is motivated by #16184. [1] http://docs.python.org/py3k/library/random.html [2] http://linux.die.net/man/4/urandom [3] http://msdn.microsoft.com/en-us/library/windows/desktop/aa379942%28v=vs.85%2... ---------- assignee: docs@python messages: 172589 nosy: christian.heimes, docs@python priority: normal severity: normal status: open title: Misleading warning in random module docs type: security versions: Python 2.7, Python 3.2, Python 3.3, Python 3.4 _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Georg Brandl added the comment: Sure, I'd propose a rewording that mentions both alternatives and when they should be used. ---------- nosy: +georg.brandl _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by Raymond Hettinger <raymond.hettinger@gmail.com>: ---------- assignee: docs@python -> rhettinger components: +Documentation nosy: +rhettinger priority: normal -> low _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by Ezio Melotti <ezio.melotti@gmail.com>: ---------- nosy: +ezio.melotti, haypo stage: -> needs patch _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
STINNER Victor added the comment: See also the issue #15213 (and the issue #12754). ---------- _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by George Peristerakis <peristerakis@gmail.com>: ---------- nosy: +George.Peristerakis _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by George Peristerakis <peristerakis@gmail.com>: ---------- nosy: -George.Peristerakis _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Christian Heimes added the comment: Thomas H. Ptacek pointed me to a good explanation: http://security.stackexchange.com/a/3939 TL;DR: Just use /dev/urandom and be happy. ---------- _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Antoine Pitrou added the comment: Agreed with a re-wording. ---------- nosy: +pitrou _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by Donald Stufft <donald.stufft@gmail.com>: ---------- nosy: +dstufft _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Roundup Robot added the comment: New changeset 9df0501fab35 by Antoine Pitrou in branch '3.3': Issue #16190: fix random module recommendation to use ssl.RAND_bytes(). http://hg.python.org/cpython/rev/9df0501fab35 New changeset 04b50a1eb013 by Antoine Pitrou in branch 'default': Issue #16190: fix random module recommendation to use ssl.RAND_bytes(). http://hg.python.org/cpython/rev/04b50a1eb013 New changeset 48b618a9ad10 by Antoine Pitrou in branch '2.7': Issue #16190: fix random module recommendation to use ssl.RAND_bytes(). http://hg.python.org/cpython/rev/48b618a9ad10 ---------- nosy: +python-dev _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Antoine Pitrou added the comment: Done. ---------- resolution: -> fixed stage: needs patch -> committed/rejected status: open -> closed versions: -Python 3.2 _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
STINNER Victor added the comment: Why did you remove reference to ssl.RAND_bytes() on Python 3.3 from the notice? ---------- _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Antoine Pitrou added the comment: As far as I understand, os.urandom() is fine for the task. There's no point in mentioning ssl.RAND_bytes() just because it exists, IMO. ---------- _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Georg Brandl added the comment: Sure, I'd propose a rewording that mentions both alternatives and when they should be used. ---------- nosy: +georg.brandl _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by Raymond Hettinger <raymond.hettinger@gmail.com>: ---------- assignee: docs@python -> rhettinger components: +Documentation nosy: +rhettinger priority: normal -> low _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by Ezio Melotti <ezio.melotti@gmail.com>: ---------- nosy: +ezio.melotti, haypo stage: -> needs patch _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
STINNER Victor added the comment: See also the issue #15213 (and the issue #12754). ---------- _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by George Peristerakis <peristerakis@gmail.com>: ---------- nosy: +George.Peristerakis _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by George Peristerakis <peristerakis@gmail.com>: ---------- nosy: -George.Peristerakis _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Christian Heimes added the comment: Thomas H. Ptacek pointed me to a good explanation: http://security.stackexchange.com/a/3939 TL;DR: Just use /dev/urandom and be happy. ---------- _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Antoine Pitrou added the comment: Agreed with a re-wording. ---------- nosy: +pitrou _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Changes by Donald Stufft <donald.stufft@gmail.com>: ---------- nosy: +dstufft _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Roundup Robot added the comment: New changeset 9df0501fab35 by Antoine Pitrou in branch '3.3': Issue #16190: fix random module recommendation to use ssl.RAND_bytes(). http://hg.python.org/cpython/rev/9df0501fab35 New changeset 04b50a1eb013 by Antoine Pitrou in branch 'default': Issue #16190: fix random module recommendation to use ssl.RAND_bytes(). http://hg.python.org/cpython/rev/04b50a1eb013 New changeset 48b618a9ad10 by Antoine Pitrou in branch '2.7': Issue #16190: fix random module recommendation to use ssl.RAND_bytes(). http://hg.python.org/cpython/rev/48b618a9ad10 ---------- nosy: +python-dev _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Antoine Pitrou added the comment: Done. ---------- resolution: -> fixed stage: needs patch -> committed/rejected status: open -> closed versions: -Python 3.2 _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
STINNER Victor added the comment: Why did you remove reference to ssl.RAND_bytes() on Python 3.3 from the notice? ---------- _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
Antoine Pitrou added the comment: As far as I understand, os.urandom() is fine for the task. There's no point in mentioning ssl.RAND_bytes() just because it exists, IMO. ---------- _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue16190> _______________________________________
participants (9)
-
Antoine Pitrou -
Christian Heimes
-
Donald Stufft
-
Ezio Melotti
-
Georg Brandl
-
George Peristerakis
-
Raymond Hettinger
-
Roundup Robot
-
STINNER Victor