[issue26839] Python 3.5 running on Linux kernel 3.17+ can block at startup or on importing the random module on getrandom()

[Larry Hastings]

Larry Hastings added the comment:

Speaking as the 3.5 RM, I suppose I have to have an opinion.  I don't think "Python now uses a better source of randomness to seed the random module at startup" is a major feature.  It's a nice-to-have, not a must-have.  And people who care about good randomness (e.g. people doing crypto with the random module) shouldn't be relying on the freebie initialization they get just by importing.

So I think changing the default is fine, especially if the new default is "seed from the entropy pool, but if it's empty failover to the not-as-good source of random bits".  If you think that's a bad move, please add your comments here--I'm willing to have my mind changed about this.

I'll remind you: the schedule says I tag 3.5.2 RC 1 this coming Saturday (almost exactly six days from now).  Naturally I'd prefer to make the release on time.

----------

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26839>
_______________________________________