[issue27292] Warn users that os.urandom() can return insecure values
Martin Panter
report at bugs.python.org
Thu Jun 16 07:01:24 EDT 2016
Martin Panter added the comment:
Here is a possible patch for 3.5+ based on my modest understanding of the concerns about insecure results and blocking. I hope that my wording is clear, couldn’t be confused with Linux’s /dev/random blocking and running out of fresh entropy, etc.
I also tried to make it clearer what APIs are used in what circumstances. It is not just Linux: we also call getrandom() on Solaris, because its getentropy() is not good enough.
----------
keywords: +patch
Added file: http://bugs.python.org/file43410/urandom-doc.patch
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue27292>
_______________________________________
More information about the Python-bugs-list
mailing list