[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?

Nikolaus Rath Nikolaus at rath.org
Thu Jun 9 22:52:31 EDT 2016

On Jun 09 2016, Guido van Rossum <guido at python.org> wrote:
> I don't think we should add a new function. I think we should convince
> ourselves that there is not enough of a risk of an exploit even if
> os.urandom() falls back.

That will be hard, because you have to consider an active, clever

On the other hand, convincing yourself that in practice os.urandom would
never block unless the setup is super exotic or there is active
maliciousness seems much easier.


GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F
Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F

             »Time flies like an arrow, fruit flies like a Banana.«

More information about the Python-Dev mailing list