Message317079
I know two main use cases for random numbers:
* security: use os.urandom(), secrets and random.SystemRandom
* not security: use the random module
Exposing os.getentropy() seems like a new non-portable function for the first use case, security. What does it add compared to directly call os.urandom() for example?
I chose to expose os.getrandom() for one very specific use case, described in the PEP 524: check if os.urandom() is going to block.
On OpenBSD, os.urandom() and getentropy() does never block, so os.getentropy() seems useless to me. OpenBSD design is different: the CSRPNG is feeded from the boot loader. Or tell me if I missed something. |
|
Date |
User |
Action |
Args |
2018-05-19 00:30:21 | vstinner | set | recipients:
+ vstinner, rhettinger, benjamin.peterson, serhiy.storchaka, eitan.adler, David Carlier |
2018-05-19 00:30:21 | vstinner | set | messageid: <1526689821.85.0.682650639539.issue33528@psf.upfronthosting.co.za> |
2018-05-19 00:30:21 | vstinner | link | issue33528 messages |
2018-05-19 00:30:20 | vstinner | create | |
|