[issue26839] Python 3.5 running on Linux kernel 3.17+ can block at startup or on importing the random module on getrandom()
Donald Stufft
report at bugs.python.org
Tue Jun 7 08:05:33 EDT 2016
Donald Stufft added the comment:
> I don't think that security matters enough to block Python at startup.
> Python has a long history of being a thin wrapper on top of the OS.
> Usually, Python doesn't workaround design issues of OSes, but expose
> functions as they are.
That's fine, so make a new function that will return "maybe random data maybe not, who knows" instead of taking the function for producing cryptographically secure random data and making it less suitable for that task. This is the problem, not that Python start up is blocking, but that this patch takes that edge case, and declares that it's behavior is the correct behavior for everyone trying to get cryptographically secure random numbers.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26839>
_______________________________________
More information about the Python-bugs-list
mailing list