patch request for os.urandom()
christian at python.org
Thu Jul 17 22:12:16 CEST 2014
On 17.07.2014 20:34, Paul Rubin wrote:
> Could os.urandom() be patched to use the new Linux getrandom() system
> call on systems where it is available? Further info:
> I've stopped posting to the Python bug tracker because the password
> management issues became too annoying.
The feature will be implemented as soon as the first Linux distribution
comes with a kernel version that supports the new syscall. By the way
Python 3.4 is not vulnerable to fd exhaustion attack. The interpreter
keeps an open file descriptor on /dev/urandom. The wrapper code ensures
that the fd is not replaced.
More information about the Python-list