Author jbeck
Recipients jbeck
Date 2015-09-04.21:44:27
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1441403068.22.0.654234676609.issue25003@psf.upfronthosting.co.za>
In-reply-to
Content
A recent Solaris build upgrade resulted in a massive slowdown of a package operation (our package client is written in Python).  Some DTrace revealed this was because os.urandom() calls had slowed down by a factor of over 300.  This turned out to be caused by an upgrade of Python from 2.7.9 to 2.7.10 which included:

- Issue #22585: On OpenBSD 5.6 and newer, os.urandom() now calls getentropy(),
  instead of reading /dev/urandom, to get pseudo-random bytes.

By adding ac_cv_func_getentropy=no to our configure options, we were able to get back the performance we had lost.  But our security experts warned:

---

OpenBSD only has getentropy(2) and we are compatible with that.
Linux has both getentropy(2) and getrandom(2)
Solaris has getentropy(2) and getrandom(2).

The bug is in Python it should not use getentropy(2) for the implementation of os.urandom() unless it builds its own DRBG (Deterministic Random Bit Generator) around that - which will mean it is "caching" and thus only calling getentropy() for seeding very infrequently.

You can not substitute getentropy() for getrandom(), if you need randomness then entropy does not suffice.

They are using getentropy(2) correctly in the implementation of _PyRandom_Init().

I would personally recommend that the upstream adds os.getentropy() changes
os.urandom() to use getrandom(buf, sz, GRND_NONBLOCK) and os.random() to use
getrandom(buf, sz, GRND_RANDOM).

As it is the upstream implementation is arguably a security vulnerability since you can not use entropy where you need randomness.
---

where by "upstream" he meant "python.org".  So I am filing this bug to request those changes.  I can probably prototype this in the reasonable near future, but I wanted to get the bug filed sooner rather than later.
History
Date User Action Args
2015-09-04 21:44:28jbecksetrecipients: + jbeck
2015-09-04 21:44:28jbecksetmessageid: <1441403068.22.0.654234676609.issue25003@psf.upfronthosting.co.za>
2015-09-04 21:44:28jbecklinkissue25003 messages
2015-09-04 21:44:27jbeckcreate