Make a unique filesystem path, without creating the file
Paul Rubin
no.email at nospam.invalid
Mon Feb 22 21:27:46 EST 2016
Steven D'Aprano <steve at pearwood.info> writes:
> https://www.python.org/dev/peps/pep-0506/
I didn't know about this! The discussion was all on mailing lists?
A few things I suggest changing:
1) the default system RNG for Linux should be getrandom(2) on kernels
that support it (3.17 and later).
2) Some effort should be directed at simulating getrandom's behaviour
on kernels that don't have it, using the /dev/random entropy estimator
and the /dev/urandom interface. I.e. it should block if the system
hasn't seen enough entropy to get the CSPRNG started securely, and
never block after that.
3) The default token length should be long enough to not have to "change
in the future". If the user wants a shorter token, they ask for that,
or can truncate a longer one that they receive from the default.
There are a few other choices in the PEP whose benefit is unclear to me,
but they aren't harmful, and I guess the decisions have already been
made.
More information about the Python-list
mailing list