[issue21305] PEP 466: update os.urandom
Charles-François Natali
report at bugs.python.org
Sun Apr 27 18:31:43 CEST 2014
Charles-François Natali added the comment:
Like Antoine, I'm really skeptical about the backport: honestly, this change doesn't bring much in a normal application. To run into the number of open file descriptors limit (so the "scalability" aspect), one would need to have *many* concurrent threads reading from /dev/urandom. For the "performance" aspect, I have a hard time believing that the overhead of the extra open() + close() syscalls is significant in a realistic workload. If reading from /dev/urandom becomes a bottleneck, this means that you're depleting your entropy pool anyway, so you're in for some potential trouble...
> There is a reason we don't backport new features!
Couldn't agree more. This whole "let's backport security enhancements" sounds scary to me.
----------
nosy: +neologix
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue21305>
_______________________________________
More information about the Python-bugs-list
mailing list