[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
greg.ewing at canterbury.ac.nz
Thu Jun 9 20:33:16 EDT 2016
Steven D'Aprano wrote:
> - Linux /dev/urandom doesn't block, but it might return predictable,
> poor-quality pseudo-random bytes (i.e. a potential exploit);
> - Other OSes may block for potentially many minutes (i.e. a
> potential DOS).
It's even possible that it could block *forever*.
There was a case here recently in the cosc dept where students were
running Clojure programs in a virtual machine environment. When
they updated to a newer version of Clojure, everyone's programs
started hanging on startup. It turned out the Clojure library was
initialising its RNG from /dev/random, and the VM didn't have any
real spinning disks or other devices to provide entropy.
More information about the Python-Dev