This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients Lukasa, docs@python, georg.brandl, larry, martin.panter, ncoghlan, ned.deily, steven.daprano, vstinner
Date 2016-09-20.21:28:43
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1474406924.02.0.422957410302.issue27292@psf.upfronthosting.co.za>
In-reply-to
Content 
> Please ensure that the documentation properly warns users about these edge cases.

I disagree. I don't think that the Python documentation is the right place to document the security level of system urandom.

It's just a mess, there are so many corner cases and it's very hard to provide a clear explanation for end users.

I suggest to keep the positive "suitable for cryptographic use". If you change this sentence, I only expect that users will use something WORSE. For example "os.urandom is not secure! we must use ssl.RAND_bytes!". No. Don't do that, ssl.RAND_bytes() has its own set of issues, like two processes with the same pid producing the same random sequence... (old known issue, very hard to fix)

Python cannot workaround OS limitations, we can only do our best to use the most secure source of entropy. That's why Python 3.5 now uses getrandom() on Linux. That's why Python 3.6 now calls getrandom() in blocking mode.
History
Date User Action Args
2016-09-20 21:28:44vstinnersetrecipients: + vstinner, georg.brandl, ncoghlan, larry, ned.deily, steven.daprano, docs@python, martin.panter, Lukasa
2016-09-20 21:28:44vstinnersetmessageid: <1474406924.02.0.422957410302.issue27292@psf.upfronthosting.co.za>
2016-09-20 21:28:44vstinnerlinkissue27292 messages
2016-09-20 21:28:43vstinnercreate