[New-bugs-announce] [issue27292] Warn users that os.urandom() can return insecure values

Christian Heimes report at bugs.python.org
Sat Jun 11 06:07:54 EDT 2016

New submission from Christian Heimes:

In #26839 os.urandom() was made non-blocking and non-exception-raising on Linux. As a result os.urandom() is no longer a CSPRNG under some conditions as it can and will return predictable random values without any sort of warning or error flag. These conditions are (including but not limited to):

* early boot state
* virtualization without host-passthrough, e.g. virtio-rng
* embedded devices without hardware RNG or RTC, e.g. raspberry pi

Please ensure that the documentation properly warns users about these edge cases.

We might also want to add that os.urandom() can block on other platforms, e.g. FreeBSD and OpenBSD.

components: Library (Lib)
keywords: 3.5regression
messages: 268205
nosy: christian.heimes, dstufft, haypo, larry, ned.deily
priority: release blocker
severity: normal
stage: needs patch
status: open
title: Warn users that os.urandom() can return insecure values
type: security
versions: Python 3.5, Python 3.6

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list