This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author Lukasa
Recipients Colm Buckley, Lukasa, alex, doko, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane
Date 2016-06-07.11:35:48
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1465299349.53.0.115853160881.issue26839@psf.upfronthosting.co.za>
In-reply-to
Content
This patch explicitly violates several of the documented constraints of the Python standard library.

For example, random.SystemRandom uses os.urandom to generate its random numbers. SystemRandom is then used by the secrets module to generate *its* random numbers. This means that os.urandom *is* explicitly used by the Python standard library to generate cryptographically secure random numbers. It was done so in part expressly because the call to random() could block.

If Python needs a non-blocking RNG for internal purposes, that's totally fine, a new function should be written that does exactly that. But any code that is calling secrets or random.SystemRandom is expecting the documented guarantees of that module: that is, that the security profile of the random numbers generated by those objects are cryptographically secure. This patch ensures that that guarantee is *violated* on Linux systems run on cloud servers, which is more than a little alarming to me.
History
Date User Action Args
2016-06-07 11:35:49Lukasasetrecipients: + Lukasa, lemburg, rhettinger, doko, vstinner, larry, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, thomas-petazzoni, Colm Buckley
2016-06-07 11:35:49Lukasasetmessageid: <1465299349.53.0.115853160881.issue26839@psf.upfronthosting.co.za>
2016-06-07 11:35:49Lukasalinkissue26839 messages
2016-06-07 11:35:49Lukasacreate