[issue26839] Python 3.5 running on Linux kernel 3.17+ can block at startup or on importing the random module on getrandom()

[Colm Buckley]

Colm Buckley added the comment:

Christian -

I would like to make one further comment:

The only reason getrandom() was used instead of /dev/random was to avoid wasting a file descriptor. The previous behavior was in use for many years with no security issues; it was changed for FD conservation reasons, not security reasons.

The change between 3.5 and 3.5.1 caused a very notable regression; the initialization of the hash secret can block indefinitely under circumstances which unfortunately are fairly common.

Persisting with the 3.5.1 behavior, in my opinion, violates the principle of least surprise - Python blocks at startup waiting for random data even when none is actually required by the application. The fallback to 3.5 behavior is only invoked under the single case where the system PRNG is uninitialized.

You are within your rights to request the reversion; however I want to point out again that the implications are the introduction of multi-minute delays into the startup times of hundreds of millions of systems, due to a change in *Python's* behavior.

Colm

----------

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26839>
_______________________________________