Message195905
>> PySSL_RAND_atfork_parent() still uses getpid(). This number is not
>> very random in the *parent* process :-)
>
> That's fine and doesn't diminish the properties of the PRNG. In fact the
> patch could use a hard coded value to perturb the PRNG. It's only
> important to modify the PRNG state of the *parent* process so that
> recycled PIDs of *child* processes don't lead to repeated pseudo-random
> values.
Yeah, it doesn't weaken the PRNG, but since we're using current time
and stack content to reseed it, using the parent PID which doesn't
change doesn't bring much (since we chose to add entropy and not just
a constant, which would be sufficient as you noted).
Anyway, for those interested, here's a reproducer. |
File name |
Uploaded |
test.py
|
neologix,
2013-08-22.15:21:26
|
|
Date |
User |
Action |
Args |
2013-08-22 15:21:27 | neologix | set | recipients:
+ neologix, barry, georg.brandl, pitrou, vstinner, christian.heimes, benjamin.peterson, python-dev, sbt, vajrasky |
2013-08-22 15:21:27 | neologix | link | issue18747 messages |
2013-08-22 15:21:26 | neologix | create | |
|