Make a unique filesystem path, without creating the file
Paul Rubin
no.email at nospam.invalid
Mon Feb 22 18:26:29 EST 2016
Marko Rauhamaa <marko at pacujo.net> writes:
>>>> http://www.2uo.de/myths-about-urandom/
>> I don't know what web pamphlet you mean,
> The only one linked above.
Oh, I wouldn't have called that a pamphlet. I could quibble with the
writing style but the points in the article are basically correct.
> getrandom(2) is a good interface that distinguishes between the flag
> values
> 0 => /dev/urandom
> GRND_RANDOM => /dev/random
> GRND_RANDOM | GRND_NONBLOCK => /dev/random (O_NONBLOCK)
> However, although os.urandom() delegates to getrandom(), the
> documentation suggests it uses the flag value 0 (/dev/urandom).
Flag value 0 does the right thing and blocks if the entropy pool is not
yet initialized, and doesn't block after that. That fixes the errors of
both urandom (fails to block before there's enough entropy) and random
(blocks even after there's enough entropy). The getrandom doc is also
misleading about the workings of the entropy pools but that's ok. The
actual algorithm is described here:
http://www.pinkas.net/PAPERS/gpr06.pdf
It's pretty clumsy but discussions about replacing it have gotten bogged
down several times. OTOH maybe I'm out of date on this.
>> The random/urandom interface was poorly designed and misleadingly
>> documented.
> It could be better I suppose, but I never found it particularly bad. The
> nice thing about it is that it is readily usable in shell scripts.
DJB describes the problems:
https://groups.google.com/forum/#!msg/randomness-generation/4opmDHA6_3w/__TyKhbnNWsJ
Regarding shell scripts, it should be a simple matter to put a wrapper
around the system call.
More information about the Python-list
mailing list