Make a unique filesystem path, without creating the file

Steven D'Aprano steve at
Mon Feb 22 19:33:09 EST 2016

On Tue, 23 Feb 2016 06:32 am, Marko Rauhamaa wrote:

> Jon Ribbens <jon+usenet at>:
>> Suppose you had code like this:
>>   filename = binascii.hexlify(os.urandom(16)).decode("ascii")
>> Do we really think that is insecure or that there are any practical
>> attacks against it? It would be basically the same as saying that
>> urandom() is broken, surely?
> urandom() is not quite random and so should not be considered
> cryptographically airtight.
> Under Linux, /dev/random is the way to go when strong security is
> needed. Note that /dev/random is a scarce resource on ordinary systems.

That's actually incorrect, but you're not the only one to have been misled
by the man pages.

On non-Linux Unixes, the difference between urandom and random is mostly, or
entirely, gone, in favour of urandom's non-blocking behaviour. And it's a
myth that the output of random is "more random" or "more pure" than
urandom's. In reality, on Linux both urandom and random use exactly the
same CSPRNG.

See also:

for a good explanation of how random and urandom actually work on Linux.
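
Added example, not part of the original post: the hexlify(os.urandom(16)) name quoted above, paired with an exclusive create for whoever later uses the path, so that a pre-existing file or symlink at that name is refused rather than opened. The function names unique_name, unique_path, claim_path and demo are hypothetical.

```python
import binascii
import os
import tempfile


def unique_name(nbytes=16):
    """Return 2*nbytes hex characters read from the OS CSPRNG."""
    return binascii.hexlify(os.urandom(nbytes)).decode("ascii")


def unique_path(directory, nbytes=16):
    """Build an unpredictable path; nothing is created on disk here."""
    return os.path.join(directory, unique_name(nbytes))


def claim_path(path, mode=0o600):
    """Create the file atomically and return its descriptor.

    O_CREAT | O_EXCL makes the open fail with FileExistsError if anything,
    including a symlink, already sits at the path, so the caller never
    writes into a file that someone else placed there first.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL
    flags |= getattr(os, "O_NOFOLLOW", 0)  # not defined on every platform
    return os.open(path, flags, mode)


def demo():
    """Generate a path, claim it, then show that a second claim is refused."""
    with tempfile.TemporaryDirectory() as directory:
        path = unique_path(directory)
        existed_before = os.path.lexists(path)
        os.close(claim_path(path))
        try:
            os.close(claim_path(path))
            second = "created"
        except FileExistsError:
            second = "refused"
        return os.path.basename(path), existed_before, second


if __name__ == "__main__":
    print(demo())
```
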

