Message275600
On modern Intel chips, one of the entropy sources is the CPU itself, and so this problem is mostly theoretical on such systems unless you're worried about the quality of Intel's entropy generation (in which case you're well and truly into sovereign espionage and advanced persistent threat territory, and really shouldn't be blindly trusting operating systems and programming language runtimes to already be doing the right thing).
So the main ways to get bad entropy from /dev/urandom on Linux are:
- a misconfigured VM that has been cut off from all decent entropy sources, and doesn't have any persistent storage attached
- an embedded non-Intel chip that doesn't have any decent entropy sources or persistent storage attached
If you're not doing either of those things, you're probably fine. If you're worried that you might be, try running Python 3.6 and calling os.getrandom() explicitly to see what happens. |
|
Date |
User |
Action |
Args |
2016-09-10 08:27:49 | ncoghlan | set | recipients:
+ ncoghlan, georg.brandl, vstinner, larry, ned.deily, steven.daprano, docs@python, martin.panter, Lukasa |
2016-09-10 08:27:49 | ncoghlan | set | messageid: <1473496069.86.0.434402789307.issue27292@psf.upfronthosting.co.za> |
2016-09-10 08:27:49 | ncoghlan | link | issue27292 messages |
2016-09-10 08:27:49 | ncoghlan | create | |
|