Antoine Pitrou added the comment: > Python doesn't have a builtin PRNG.
Of course it does. It's in the random module, and you can seed() it: >>> random.seed(5) >>> random.random() 0.6229016948897019 >>> random.random() 0.7417869892607294 >>> random.seed(5) >>> random.random() 0.6229016948897019 See e.g. issue12856. And the multiprocessing module: http://hg.python.org/cpython/file/92039fb68483/Lib/multiprocessing/forkserver.py#l195 > We use the OS's CPRNG such as /dev/urandom or CryptGenRandom(). "We"? > It's not only multiprocessing. What about forking webservers etc. > that use HTTPS? Well, are they affected? I haven't understood your previous answer. ("OpenSSL uses its own PRNG to create (amongst others) session keys for SSL connections") Note that it seems debatable whether it's an OpenSSL bug: http://www.openwall.com/lists/oss-security/2013/04/12/3 ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue18747> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
