According to the docs, "On a UNIX-like system this will query /dev/ urandom": http://docs.python.org/library/os.html
These libraries may also be of interest to you: http://docs.python.org/library/crypto.html http://docs.python.org/library/random.html http://docs.python.org/library/uuid.html Personally, I'm using random.random() for CSRF tokens and it works great. I'm curious, what kind of application are you developing that requires this level of security? On Jan 16, 1:16 am, "Alexander Konovalenko" <alex...@gmail.com> wrote: > Web applications that implement user accounts need to generate > unpredictable values for session cookies and anti-CSRF tokens. So > several questions about App Engine arise: > > 1. How is os.urandom() implemented in production? That is, what > entropy sources does it use? What RNG algorithm? > > 2. Is there a supported way to obtain some high-entropy bits (like > /dev/random in Linux)? > > 3. Are there any features that could help us generate > cryptographically strong random numbers? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
