[issue26839] Python 3.5 running on Linux kernel 3.17+ can block at startup or on importing the random module on getrandom()
Larry Hastings
report at bugs.python.org
Tue Jun 7 15:10:18 EDT 2016
Larry Hastings added the comment:
> This is only a DoS vector if you can hit the server so early in the boot process that it doesn't have enough entropy.
Python hash randomization only happens once. So it's not a matter of how early we try the attack, it's a matter of how early we seed Python hash randomization.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26839>
_______________________________________
More information about the Python-bugs-list
mailing list