Make a unique filesystem path, without creating the file

Paul Rubin no.email at nospam.invalid
Mon Feb 22 21:27:46 EST 2016


Steven D'Aprano <steve at pearwood.info> writes:
> https://www.python.org/dev/peps/pep-0506/

I didn't know about this!  The discussion was all on mailing lists?

A few things I suggest changing:

  1) the default system RNG for Linux should be getrandom(2) on kernels
  that support it (3.17 and later).

  2) Some effort should be directed at simulating getrandom's behaviour
  on kernels that don't have it, using the /dev/random entropy estimator
  and the /dev/urandom interface.  I.e. it should block if the system
  hasn't seen enough entropy to get the CSPRNG started securely, and
  never block after that.

  3) The default token length should be long enough to not have to "change
  in the future".  If the user wants a shorter token, they ask for that,
  or can truncate a longer one that they receive from the default.

There are a few other choices in the PEP whose benefit is unclear to me,
but they aren't harmful, and I guess the decisions have already been
made.



More information about the Python-list mailing list