[issue27288] secrets should use getrandom() on Linux
Tim Peters
report at bugs.python.org
Fri Jun 10 16:15:49 EDT 2016
Tim Peters added the comment:
It was a primary purpose of `secrets` to be a place where security best practices could be implemented, and changed over time, with no concern about backward compatibility for people who don't use it.
So if `secrets` needs to supply a class with all the methods of random.Random, it should derive its own subclass (or derive from random.SystemRandom, and override the only two methods that explicitly invoke _urandom() - everything else ends up using .random() or .getrandbits()).
----------
nosy: +tim.peters
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue27288>
_______________________________________
More information about the Python-bugs-list
mailing list