subject:"\[issue27250\] Add os.urandom

[issue27250] Add os.urandom_block()

2016-07-28 Thread STINNER Victor

STINNER Victor added the comment: I don't support this idea anymore, so I close the issue. I wrote the PEP 524 to propose to make os.urandom() blocking on Linux. The discussion moved to the security-sig mailing list. -- resolution: -> rejected status: open -> closed

[issue27250] Add os.urandom_block()

2016-06-16 Thread Donald Stufft

Changes by Donald Stufft : -- nosy: -dstufft ___ Python tracker ___ ___ Python-bugs-list

[issue27250] Add os.urandom_block()

2016-06-12 Thread Christian Heimes

Changes by Christian Heimes : -- nosy: -christian.heimes ___ Python tracker ___ ___

[issue27250] Add os.urandom_block()

2016-06-09 Thread Marc-Andre Lemburg

Marc-Andre Lemburg added the comment: Please also see #27279 for an alternative plan. -- ___ Python tracker ___

[issue27250] Add os.urandom_block()

2016-06-08 Thread Nick Coghlan

Nick Coghlan added the comment: Victor, given the assumption that internal hashing and the random module will change to no longer depend on os.urandom, are you happy to close this one in favour of #27250? -- ___ Python tracker

[issue27250] Add os.urandom_block()

2016-06-08 Thread Nick Coghlan

Nick Coghlan added the comment: One request I'd make in these discussions is that we avoid using the term "block" - it makes people think of the /dev/random behaviour (i.e. blocking intermittently and unhelpfully), rather than the usually-desired "wait for sufficient entropy on system

[issue27250] Add os.urandom_block()

2016-06-08 Thread Nick Coghlan

Changes by Nick Coghlan : -- nosy: +ncoghlan ___ Python tracker ___ ___ Python-bugs-list

[issue27250] Add os.urandom_block()

2016-06-08 Thread STINNER Victor

STINNER Victor added the comment: IMHO "Should os.urandom() block before the kernel collected enough entropy?" is the last major question in the large discussion around random: https://haypo-notes.readthedocs.io/pep_random.html#os-urandom It became clear that Python at startup should use a

[issue27250] Add os.urandom_block()

2016-06-08 Thread STINNER Victor

STINNER Victor added the comment: > Should this ticket be named "Add os.random()" ? After all, blocking in case > of missing entropy is what /dev/random is all about. In short, /dev/random must not be used :-) See: https://haypo-notes.readthedocs.io/pep_random.html#rng-denial-of-service

[issue27250] Add os.urandom_block()

2016-06-07 Thread Marc-Andre Lemburg

Marc-Andre Lemburg added the comment: On 07.06.2016 14:41, Cory Benfield wrote: > > Uh, sorry, I meant #26839. Ok, then perhaps "Add os.getrandom()" - also see the discussion there :-) -- ___ Python tracker

[issue27250] Add os.urandom_block()

2016-06-07 Thread Cory Benfield

Cory Benfield added the comment: Uh, sorry, I meant #26839. -- ___ Python tracker ___ ___ Python-bugs-list

[issue27250] Add os.urandom_block()

2016-06-07 Thread Cory Benfield

Cory Benfield added the comment: Marc-Andre: No. See the discussion in the related issue #27249 for more. -- ___ Python tracker ___

[issue27250] Add os.urandom_block()

2016-06-07 Thread STINNER Victor

Changes by STINNER Victor : -- nosy: +christian.heimes ___ Python tracker ___ ___

[issue27250] Add os.urandom_block()

2016-06-07 Thread Marc-Andre Lemburg

Marc-Andre Lemburg added the comment: Should this ticket be named "Add os.random()" ? After all, blocking in case of missing entropy is what /dev/random is all about. -- nosy: +lemburg ___ Python tracker

[issue27250] Add os.urandom_block()

2016-06-07 Thread STINNER Victor

STINNER Victor added the comment: See also issue #26970 "Replace OpenSSL's CPRNG with system entropy source". -- ___ Python tracker ___

[issue27250] Add os.urandom_block()

2016-06-07 Thread Cory Benfield

Cory Benfield added the comment: Let me make the security person argument even though you've dismissed it in your original post: Security should be on by default and opted out of, not the other way around. If the obvious choice is insecure then users who aren't careful enough won't notice,

[issue27250] Add os.urandom_block()

2016-06-07 Thread STINNER Victor

STINNER Victor added the comment: If os.urandom_block() is added, I don't think that it's worth to add os.urandom_info as I proposed in the issue #27249. -- ___ Python tracker

[issue27250] Add os.urandom_block()

2016-06-07 Thread Donald Stufft

Donald Stufft added the comment: This should be add ``os.urandom_noblock`` instead. Don't make every other application change just so the Python interpreter can continue to call ``os.urandom``. -- nosy: +dstufft ___ Python tracker

[issue27250] Add os.urandom_block()

2016-06-07 Thread Alex Gaynor

Changes by Alex Gaynor : -- nosy: +alex ___ Python tracker ___ ___ Python-bugs-list

[issue27250] Add os.urandom_block()

2016-06-07 Thread STINNER Victor

New submission from STINNER Victor: The change of the issue #26839 creates a long discussion around the behaviour of os.urandom() when the entropy pool is not seeded with enough entropy. On Python 2.7, os.urandom() doesn't block in this case. I expect that bytes are random, but not "random

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

[issue27250] Add os.urandom_block()

20 matches

Site Navigation

Mail list logo

Footer information