Author vstinner
Recipients Arfrever, christian.heimes, loewis, ncoghlan, pitrou, rhettinger, vstinner
Date 2019-08-28.22:19:42
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1567030783.37.0.00510592948716.issue15206@roundup.psfhosted.org>
In-reply-to
Content
I close the issue. Python 3.7 and newer are fixed. Python 2.7 is still affected, but I consider that it's ok to leave the bug unfixed in this version.

--

> The random number generator now reseeds after a fork.

I confirm that it's done since Python 3.7, and Python 3.6 doesn't accept bugfixes anymore (only security fixes). So the issue is fixed in Python 3.7, 3.8 and master. For the record, the fix was this change:

commit 346cbd351ee0dd3ab9cb9f0e4cb625556707877e
Author: Antoine Pitrou <pitrou@free.fr>
Date:   Sat May 27 17:50:54 2017 +0200

    bpo-16500: Allow registering at-fork handlers (#1715)

Backporting this change to Python 3.6 and 3.5 would be too intrusive and risky. I don't think that this bug is important enough to be qualified as security vulnerability (the issue type is not "Security").


For Python 2.7, honestly, I don't think that the issue matters enough to justify to fix it today, knowning that Python 2.7 will reach its end of life at the end of the year. Moreover, apart Christian Heimes, no user ever complained about this issue.


Note: uuid.uuid4() always used os.urandom(16) which is not affected by this issue on fork. Only uuid.uuid1() and uuid.getnode() has the bug in Python 2.7.
History
Date User Action Args
2019-08-28 22:19:43vstinnersetrecipients: + vstinner, loewis, rhettinger, ncoghlan, pitrou, christian.heimes, Arfrever
2019-08-28 22:19:43vstinnersetmessageid: <1567030783.37.0.00510592948716.issue15206@roundup.psfhosted.org>
2019-08-28 22:19:43vstinnerlinkissue15206 messages
2019-08-28 22:19:42vstinnercreate