[Security-sig] PEP 524: Make os.urandom() blocking on Linux (version 3)

Nick Coghlan ncoghlan at gmail.com
Fri Jul 29 11:37:49 EDT 2016


On 30 July 2016 at 00:21, Victor Stinner <victor.stinner at gmail.com> wrote:
> The implementation of os.getrandom() must respect the PEP 475 (retry
> syscall on EINTR), so maybe we should implement the loop at the C
> level.

This was my thought when reading the PEP - I'd be very surprised if I
got a short read from os.getrandom() without the GRND_RANDOM flag.

> Ok, but imagine that you use the "expensive" GRND_RANDOM (/dev/random
> rather than /dev/urandom). A first call returns 4000 bytes of "high
> quality" random bytes, but user requested 4096 bytes and the second
> call fails.

I'd say in the non-EINTR case with GRND_RANDOM it would be reasonable
to return a short read. So folks using that flag would need a
Python-level loop, but folks using the kernel's CSPRNG wouldn't.

Regards,
Nick.

-- 
Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia
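
The Python-level loop discussed in this message, as an added example that is not part of the original thread or of CPython. The names `getrandom_exact`, `ShortRandomRead`, `fake_short_source` and the `source` parameter are hypothetical, and the fake source is constructed so the short-read case can be reproduced offline.

```python
import os


class ShortRandomRead(Exception):
    """The source failed after some bytes had already been collected."""

    def __init__(self, partial, cause):
        super().__init__(f"{len(partial)} bytes read before failure: {cause!r}")
        self.partial = partial  # bytes obtained so far; caller decides their fate
        self.cause = cause


def getrandom_exact(size, flags=0, source=None):
    """Return exactly `size` bytes, looping over short reads.

    `source` is a hypothetical test hook with the os.getrandom(size, flags)
    signature; it defaults to os.getrandom (Linux 3.17+, Python 3.6+).
    """
    if source is None:
        source = os.getrandom
    buf = bytearray()
    while len(buf) < size:
        try:
            chunk = source(size - len(buf), flags)
        except OSError as exc:
            if buf:
                # The quoted scenario: 4000 of 4096 bytes arrived, then an error.
                raise ShortRandomRead(bytes(buf), exc) from exc
            raise  # nothing collected yet: let the original error through
        if not chunk:
            # Defensive: an empty read would otherwise loop forever.
            raise ShortRandomRead(bytes(buf), EOFError("empty read"))
        buf += chunk
    return bytes(buf)


def fake_short_source(sizes):
    """Constructed stand-in for getrandom(): yields reads of the given sizes,
    then raises BlockingIOError, as GRND_NONBLOCK does when the pool is empty."""
    pending = list(sizes)

    def source(size, flags):
        if not pending:
            raise BlockingIOError("entropy pool exhausted (constructed)")
        return os.urandom(min(size, pending.pop(0)))

    return source
```

Surfacing the partial bytes in the exception leaves the caller to choose between retrying for the remainder and discarding what was read, rather than silently returning fewer bytes than requested.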

