Message267819
no-urandom-by-default.diff uses a very weak source of entropy for random.Random :-( I'm fighting against weak sources of entropy since many years...
This change introduces the bug similar to OpenSSL RAND_bytes() bug (two processes with the same pid can produce the same random sequence): two Python processes started "at the same time" (with a resolution of 1/256 sec ~= 3.9 ms) produces the same random sequence.
With my script:
---
import subprocess, sys
args = [sys.executable, '-S', '-c', 'import random; print([random.randint(0, 999) for _ in range(4)])']
numbers = set()
procs = [subprocess.Popen(args, stdout=subprocess.PIPE) for _ in range(10)]
for proc in procs:
stdout = proc.communicate()[0]
numbers.add(stdout.rstrip())
for line in numbers:
print(line.decode())
print("duplicates", len(procs) - len(numbers))
---
Output:
---
[68, 812, 821, 421]
[732, 506, 562, 439]
[70, 711, 476, 230]
[411, 474, 729, 837]
[530, 161, 699, 521]
[818, 897, 582, 38]
[42, 132, 359, 275]
[630, 863, 370, 288]
[497, 716, 61, 93]
duplicates 1
--- |
|
Date |
User |
Action |
Args |
2016-06-08 09:39:04 | vstinner | set | recipients:
+ vstinner, lemburg, rhettinger, doko, larry, christian.heimes, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, dstufft, Lukasa, thomas-petazzoni, Colm Buckley, Theodore Tso |
2016-06-08 09:39:04 | vstinner | set | messageid: <1465378744.6.0.846317155805.issue26839@psf.upfronthosting.co.za> |
2016-06-08 09:39:04 | vstinner | link | issue26839 messages |
2016-06-08 09:39:03 | vstinner | create | |
|