Message195254
> Python doesn't have a builtin PRNG.
Of course it does. It's in the random module, and you can seed() it:
>>> random.seed(5)
>>> random.random()
0.6229016948897019
>>> random.random()
0.7417869892607294
>>> random.seed(5)
>>> random.random()
0.6229016948897019
See e.g. issue12856. And the multiprocessing module:
http://hg.python.org/cpython/file/92039fb68483/Lib/multiprocessing/forkserver.py#l195
> We use the OS's CPRNG such as /dev/urandom or CryptGenRandom().
"We"?
> It's not only multiprocessing. What about forking webservers etc.
> that use HTTPS?
Well, are they affected? I haven't understood your previous answer.
("OpenSSL uses its own PRNG to create (amongst others) session keys for SSL connections")
Note that it seems debatable whether it's an OpenSSL bug:
http://www.openwall.com/lists/oss-security/2013/04/12/3 |
|
Date |
User |
Action |
Args |
2013-08-15 13:14:06 | pitrou | set | recipients:
+ pitrou, vstinner, christian.heimes, neologix, sbt |
2013-08-15 13:14:06 | pitrou | set | messageid: <1376572446.01.0.829855118908.issue18747@psf.upfronthosting.co.za> |
2013-08-15 13:14:05 | pitrou | link | issue18747 messages |
2013-08-15 13:14:05 | pitrou | create | |
|