[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
Tim Peters
tim.peters at gmail.com
Thu Jun 9 23:54:15 EDT 2016
[Nikolaus Rath]
>> Aeh, what the tin says is "return random bytes".
[Larry Hastings]
> What the tin says is "urandom", which has local man pages that dictate
> exactly how it behaves. On Linux the "urandom" man page says:
>
> A read from the /dev/urandom device will not block waiting for more entropy.
> If there is not sufficient entropy, a pseudorandom number generator is used
> to create the requested bytes.
>
> os.urandom() needs to behave like that on Linux, which is how it behaved in
> Python 2.4 through 3.4.
I agree (with Larry). If the change hadn't already been made, nobody
would get anywhere trying to make it now. So best to pretend it was
never made to begin with ;-)
The tin that _will_ say "return random bytes" in Python will
be`secrets.token_bytes()`. That's self-evidently (to me) where the
"possibly block forever" implementation belongs.
More information about the Python-Dev
mailing list