This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients Colm Buckley, Lukasa, alex, christian.heimes, doko, dstufft, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane
Date 2016-06-07.14:47:39
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>

This ticket is turning into a bike-shedding discussion. In the light of the upcoming release 3.5.2 I'm now putting on my PSRT hat (Python Security Response Team) and proclaim a veto against any and all changes to os.urandom(). The security properties of os.urandom() must not be modified or reduced compared to 3.5.1. Please restore the behavior of os.urandom().

The security of our general audience is much more important than this special case. I agree that the problem of Python blocking in an early boot phase should be fixed. But under no circumstances must the fix affect security. For now please work around the issue with PYTHONHASHSEED or forwarding the host's entropy source into your virtualization environment.

Any change to os.urandom(), _Py_HashSecret (I'm the author of PEP 456) and Mersenne-Twister initialization of random.random() shall go through a formal PEP process. I'm willing to participate in writing the PEP. A formal PEP also enables us to ask trained security experts for review.
Date User Action Args
2016-06-07 14:47:40christian.heimessetrecipients: + christian.heimes, lemburg, rhettinger, doko, vstinner, larry, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, dstufft, Lukasa, thomas-petazzoni, Colm Buckley
2016-06-07 14:47:40christian.heimessetmessageid: <>
2016-06-07 14:47:40christian.heimeslinkissue26839 messages
2016-06-07 14:47:39christian.heimescreate