[issue27272] random.Random should not read 2500 bytes from urandom
STINNER Victor
report at bugs.python.org
Thu Jun 9 06:06:38 EDT 2016
STINNER Victor added the comment:
> On 'import random' seed random.Random() from _Py_HashSecret.random_seed + gettimeofday().tv_sec + gettimeofday().tv_usec + id(self). That way subinterpreters get a different init state.
Can we use os.urandom() was random.Random is instanciated manually,
but use the "secret random seed" when the random module is imported?
You can easily restrict the feature to workaround blocking "import
random" on VM: consume the secret in the C code, and ensure that it's
only used once.
For example, reimplement random.Random.seed() in C (remove the Python
implementation) and use the secret in C, but only the first user of
seed(None) will get it. WDYT?
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue27272>
_______________________________________
More information about the Python-bugs-list
mailing list