[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?

Donald Stufft donald at stufft.io
Thu Jun 9 13:22:00 EDT 2016


> On Jun 9, 2016, at 1:14 PM, Steven D'Aprano <steve at pearwood.info> wrote:
> 
> On Thu, Jun 09, 2016 at 12:39:00PM -0400, Donald Stufft wrote:
> 
>> There are three options for what to do with os.urandom by default:
>> 
>> * Allow it to silently return data that may or may not be 
>> cryptographically secure based on what the state of the urandom pool 
>> initialization looks like.
> 
> Just to be clear, this is only an option on Linux, right? All the other 
> major platforms block, whatever we decide to do on Linux. Including 
> Windows?

To my knowledge, all other major platforms block or otherwise ensure that /dev/urandom can never return anything but cryptographically secure random. [1]

> 
> 
> -- 
> Steve

[1] I believe OpenBSD cannot block, but they inject randomness via the boot loader so that the system is never in a state where the kernel doesn’t have enough entropy.

—
Donald Stufft
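
The "state of the urandom pool initialization" discussed in this message can be checked explicitly on Linux. The following is an added example, not part of the original message: it uses `os.getrandom()` with `os.GRND_NONBLOCK` (Python 3.6+, Linux) to detect an uninitialized pool and make the block-or-fail choice explicit. The names `pool_initialized`, `secure_bytes` and `EntropyNotReady` are hypothetical.

```python
import errno
import os


class EntropyNotReady(RuntimeError):
    """Kernel pool is not initialized and the caller refused to block."""


def pool_initialized():
    """True/False where getrandom() can tell us, None where it cannot."""
    if not hasattr(os, "getrandom"):
        return None  # not Linux, or Python older than 3.6
    try:
        os.getrandom(1, os.GRND_NONBLOCK)
        return True
    except BlockingIOError:
        return False  # EAGAIN: pool has not been seeded yet
    except OSError as exc:
        if exc.errno == errno.ENOSYS:
            return None  # kernel without the getrandom() syscall
        raise


def secure_bytes(n, block=True):
    """Return n random bytes, never silently drawing on an unseeded pool.

    block=True waits for the pool to initialize; block=False raises
    EntropyNotReady instead, so the caller decides what to do.
    """
    if pool_initialized() is None:
        # No getrandom(): rely on the platform's own /dev/urandom guarantee,
        # as the message describes for the other major platforms.
        return os.urandom(n)
    buf = b""
    flags = os.GRND_NONBLOCK
    while len(buf) < n:  # getrandom() may return fewer bytes than requested
        try:
            buf += os.getrandom(n - len(buf), flags)
        except BlockingIOError:
            if not block:
                raise EntropyNotReady("urandom pool not initialized") from None
            flags = 0  # retry without GRND_NONBLOCK: wait until seeded
    return buf


if __name__ == "__main__":
    print("pool initialized:", pool_initialized())
    print("key:", secure_bytes(32).hex())
```
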
