[Security-sig] RFC: PEP: Make os.urandom() blocking on Linux
Victor Stinner
victor.stinner at gmail.com
Thu Jun 23 17:51:06 EDT 2016
2016-06-22 0:57 GMT+02:00 Barry Warsaw <barry at python.org>:
> I would like to ask for some changes to this proto-PEP.
>
> At a minimum, I think a proper treatment of the alternative where os.urandom()
> remains (on Linux at least) a thin wrapper around /dev/urandom. We would add
> os.getrandom() as the low-level interface to the new C lib function,
Ok, done in the version 2 of my PEP
> and expose any higher level functionality in the secrets module if necessary.
I didn't add this point to the PEP. Tell me if it should be added.
Which kind of function do you imagine?
I wrote an example of a helper function to use os.getrandom() or falls
back on os.urandom():
https://haypo-notes.readthedocs.io/pep_random.html#leave-os-urandom-unchanged-add-os-getrandom
You may reply on my PEPv2 directly ;-)
Victor
More information about the Security-SIG
mailing list