[issue26839] Python 3.5 running on Linux kernel 3.17+ can block at startup or on importing the random module on getrandom()

Stefan Krah Tue, 07 Jun 2016 07:19:36 -0700

Stefan Krah added the comment:

man urandom:


"A read from the /dev/urandom device will not block waiting for more entropy.  
As a result, if there is not sufficient entropy in  the
       entropy  pool,  the  returned  values  are  theoretically  vulnerable to 
a cryptographic attack on the algorithms used by the driver.
       Knowledge of how to do this is not available in the current unclassified 
literature, but it is theoretically possible  that  such  an
       attack may exist.  If this is a concern in your application, use 
/dev/random instead."


There was never any guarantee on Linux. Python is a language and not an 
application. Security checks should be done by applications or better during 
the OS startup.  Any properly configured Linux server will not have a problem, 
but it is not up to a language implementation to check for that.

----------

_______________________________________
Python tracker <[email protected]>
<http://bugs.python.org/issue26839>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue26839] Python 3.5 running on Linux kernel 3.17+ can block at startup or on importing the random module on getrandom()

Reply via email to