[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
larry at hastings.org
Thu Jun 9 18:47:54 EDT 2016
On 06/09/2016 03:44 PM, Ethan Furman wrote:
> On 06/09/2016 03:22 PM, Larry Hastings wrote:
>> Okay, it's decided: os.urandom() must be changed for 3.5.2 to never
>> block on a getrandom() call.
> One way to not block is to raise an exception. Since this is such a
> rare occurrence anyway I don't see this being a problem, plus it keeps
> everybody mostly happy: normal users won't see it hang, crypto-folk
> won't see vulnerable-from-this-cause-by-default machines, and those
> running Python early in the boot sequence will have something they can
> figure out, plus an existing knob to work around it [hashseed, I think?].
Nope, I want the old behavior back. os.urandom() should read
/dev/random if getrandom() would block. As the British say, "it should
do what it says on the tin".
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Python-Dev