This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients Colm Buckley, Lukasa, Theodore Tso, alex, christian.heimes, doko, dstufft, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane
Date 2016-06-08.09:39:03
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1465378744.6.0.846317155805.issue26839@psf.upfronthosting.co.za>
In-reply-to
Content
no-urandom-by-default.diff uses a very weak source of entropy for random.Random :-( I'm fighting against weak sources of entropy since many years...

This change introduces the bug similar to OpenSSL RAND_bytes() bug (two processes with the same pid can produce the same random sequence): two Python processes started "at the same time" (with a resolution of 1/256 sec ~= 3.9 ms) produces the same random sequence.

With my script:
---
import subprocess, sys
args = [sys.executable, '-S', '-c', 'import random; print([random.randint(0, 999) for _ in range(4)])']
numbers = set()
procs = [subprocess.Popen(args, stdout=subprocess.PIPE) for _ in range(10)]
for proc in procs:
    stdout = proc.communicate()[0]
    numbers.add(stdout.rstrip())
for line in numbers:
    print(line.decode())
print("duplicates", len(procs) - len(numbers))
---

Output:
---
[68, 812, 821, 421]
[732, 506, 562, 439]
[70, 711, 476, 230]
[411, 474, 729, 837]
[530, 161, 699, 521]
[818, 897, 582, 38]
[42, 132, 359, 275]
[630, 863, 370, 288]
[497, 716, 61, 93]
duplicates 1
---
History
Date User Action Args
2016-06-08 09:39:04vstinnersetrecipients: + vstinner, lemburg, rhettinger, doko, larry, christian.heimes, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, dstufft, Lukasa, thomas-petazzoni, Colm Buckley, Theodore Tso
2016-06-08 09:39:04vstinnersetmessageid: <1465378744.6.0.846317155805.issue26839@psf.upfronthosting.co.za>
2016-06-08 09:39:04vstinnerlinkissue26839 messages
2016-06-08 09:39:03vstinnercreate