[Security-sig] PEP 524: Make os.urandom() blocking on Linux (version 3)

Victor Stinner victor.stinner at gmail.com
Fri Jul 29 10:30:15 EDT 2016


2016-07-29 15:31 GMT+02:00 Barry Warsaw <barry at python.org>:
> I agree that os.getrandom() should be added on platforms that support it
> regardless of the outcome of the various PEPs, and that it should be a thin
> layer above the C function.

According to the size of the discussion, I consider that it's worth it
to use a PEP to add os.getrandom(). Exposing getrandom() was proposed
in different ways, which was also part of the discussion.

Whether getrandom() is directly exposed or not has a major
impact on the overall PEP.

For example, I don't think that it's worth adding os.getrandom() if
PEP 522 is implemented. PEP 522 directly gives access to
non-blocking system urandom, so os.getrandom(GRND_NONBLOCK) is useless
(it's less portable and more complex to use, see my other email in
this thread). The remaining question is whether it is worth exposing
os.getrandom(GRND_RANDOM) ... PEP 522 and PEP 524 advise avoiding
/dev/random, which should really be reserved for a very limited number
of applications. These applications can already open /dev/random
manually, code which would work on all Python versions!

Finally, only adding os.getrandom() was also proposed as the complete
solution to "the bug": users are expected to move slowly to this new
function. Nick explained it:
https://www.python.org/dev/peps/pep-0522/#why-propose-this-now

So I don't consider that it's a tiny detail in the discussion...

Victor
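
The two access paths the message compares, as an added example that is not part of the original email or of either PEP: a non-blocking read through os.getrandom() as it exists in Python 3.6 and later (the flag is spelled os.GRND_NONBLOCK in the os module), and a manual read of /dev/random. The function names and the `path` parameter are hypothetical, chosen for this illustration.

```python
import os


def urandom_nonblocking(nbytes):
    """Return nbytes from getrandom(GRND_NONBLOCK), or None if unusable.

    None covers the cases a caller has to handle itself: os.getrandom()
    is missing (non-Linux, or Python older than 3.6), the kernel lacks the
    syscall, or the entropy pool is not initialized yet.
    """
    if not hasattr(os, "getrandom"):
        return None
    buf = b""
    while len(buf) < nbytes:
        try:
            # One call may return fewer bytes than requested, hence the loop.
            buf += os.getrandom(nbytes - len(buf), os.GRND_NONBLOCK)
        except BlockingIOError:
            return None  # pool not initialized: the call would have blocked
        except OSError:
            return None  # for example ENOSYS on a kernel without getrandom()
    return buf


def read_blocking_device(nbytes, path="/dev/random"):
    """Read exactly nbytes by opening the device by hand.

    Uses only open() and read(), so it does not depend on os.getrandom().
    The read may block, and a single read may come back short.
    """
    out = bytearray()
    with open(path, "rb", buffering=0) as dev:
        while len(out) < nbytes:
            chunk = dev.read(nbytes - len(out))
            if not chunk:
                raise EOFError("%s returned no data" % path)
            out += chunk
    return bytes(out)


if __name__ == "__main__":
    key = urandom_nonblocking(32)
    print("getrandom(GRND_NONBLOCK):", "unavailable" if key is None else "%d bytes" % len(key))
```

A caller that gets None from the first function has to decide on its own whether to wait, fall back or fail, which is the extra complexity the non-blocking flag pushes onto application code.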

