This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author Colm Buckley
Recipients Colm Buckley, Lukasa, alex, christian.heimes, doko, dstufft, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane
Date 2016-06-07.16:04:21
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1465315461.98.0.174674237919.issue26839@psf.upfronthosting.co.za>
In-reply-to
Content 
Donald -

To be clear - no import of random or of hashlib is required to trigger this issue. The null script alone triggers the issue; the Python hash secret is initialized at startup regardless of script contents.

Yes, there is a race condition at system boot which we can probably resolve with userspace manipulations. I still feel that having Python hang indefinitely under certain circumstances, even when the application does not require any entropy, is a violation of the principle of least surprise. At the very least, there should be a command-line flag to disable "secure" initialization of the hash secret.
History
Date User Action Args
2016-06-07 16:04:22Colm Buckleysetrecipients: + Colm Buckley, lemburg, rhettinger, doko, vstinner, larry, christian.heimes, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, dstufft, Lukasa, thomas-petazzoni
2016-06-07 16:04:21Colm Buckleysetmessageid: <1465315461.98.0.174674237919.issue26839@psf.upfronthosting.co.za>
2016-06-07 16:04:21Colm Buckleylinkissue26839 messages
2016-06-07 16:04:21Colm Buckleycreate