Message268041
This proposal competes directly with #27250, #27266, and #27279 as possible long term solutions to the Linux/systemd os.urandom deadlock bug described in #26839
Rather than adding new APIs, or making os.urandom potentially blocking on Linux (as it was in 3.5.0 and 3.5.1), it instead proposes that os.urandom immediately raise BlockingIOError if the kernel entropy pool has not yet been initialised.
This behaviour will mean that users attempting to gather strong entropy too early in the Linux boot process will fail rather than block, so affected scripts and programs can readily fall back to reading from /dev/urandom or using the random module APIs if they don't need cryptographically strong random data. Scripts that do need cryptographically strong random data can either poll os.urandom until it succeeds, or else fail explicitly and let their caller resolve the problem. |
|
Date |
User |
Action |
Args |
2016-06-09 17:14:31 | ncoghlan | set | recipients:
+ ncoghlan |
2016-06-09 17:14:31 | ncoghlan | set | messageid: <1465492471.33.0.216651020658.issue27282@psf.upfronthosting.co.za> |
2016-06-09 17:14:31 | ncoghlan | link | issue27282 messages |
2016-06-09 17:14:31 | ncoghlan | create | |
|