[issue26839] Python 3.5 running on Linux kernel 3.17+ can block at startup or on importing the random module on getrandom()
Donald Stufft
report at bugs.python.org
Tue Jun 7 08:40:32 EDT 2016
Donald Stufft added the comment:
(Basically) nobody should ever use /dev/random (and cryptographers agree!). The thing you want to use is /dev/urandom and the fact that /dev/urandom on Linux doesn't block before the pool is initalized has long been considered by cryptographers to be a fairly large flaw. The ``getrandom()`` calls were added explicitly to allow programs to get the correct behavior out of the system random.
For more information see http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ or http://www.2uo.de/myths-about-urandom/. The /dev/urandom man page is wrong, and it's wrong for political reasons and because Ted T'so has bad opinions.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26839>
_______________________________________
More information about the Python-bugs-list
mailing list