STINNER Victor added the comment: Currently, os.urandom() doesn't block anymore which means secrets should be updated. If we revert os.urandom(), Python must be patched to use a non-blocking urandom to initialized hash secret and random.Random (when the random module is imported).
In both cases, something should be changed. I suggest to move the discussion to the issue #27250 to try to identify which parts of Python requires secure RNG, which parts of Python don't require a secure RNG, and how to expose secure and not secure RNG in Python. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue26839> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
