[issue26839] Python 3.5 running on Linux kernel 3.17+ can block at startup or on importing the random module on getrandom()
Cory Benfield
report at bugs.python.org
Wed Jun 8 05:30:10 EDT 2016
Cory Benfield added the comment:
> You're right, it's remotely possible that on platforms where /dev/urandom
> could block, Python startup could therefore also block. And I'm not
> proposing we fix that, as so far nobody has reported it as a problem.
>
> This suggests to me that yes I'm talking specifically about the regression
> on Linux in the 3.5 series.
Ok, so with that clarification I personally would prefer Victor's patch from #27266, but can also understand wanting to leave the codebase as-is. Either way would be consistent with your goals, Larry. Victor's patch is more secure, but does cause os.urandom to diverge from the semantics of /dev/urandom in extreme conditions (specifically, early boot) on Linux.
That's your tradeoff to make, Larry. =) I think both sides have been well-argued here. Thanks for clarifying.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26839>
_______________________________________
More information about the Python-bugs-list
mailing list