[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?

Tim Peters tim.peters at gmail.com
Thu Jun 9 23:54:15 EDT 2016

[Nikolaus Rath]
>> Aeh, what the tin says is "return random bytes".

[Larry Hastings]
> What the tin says is "urandom", which has local man pages that dictate
> exactly how it behaves.  On Linux the "urandom" man page says:
>     A read from the /dev/urandom device will not block waiting for more entropy.
>     If there is not sufficient entropy, a pseudorandom number generator is used
>     to create the requested bytes.
> os.urandom() needs to behave like that on Linux, which is how it behaved in
> Python 2.4 through 3.4.

I agree (with Larry).  If the change hadn't already been made, nobody
would get anywhere trying to make it now.  So best to pretend it was
never made to begin with ;-)

The tin that _will_ say "return random bytes" in Python will
be`secrets.token_bytes()`.  That's self-evidently (to me) where the
"possibly block forever" implementation belongs.

More information about the Python-Dev mailing list