Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #74688

Re: patch request for os.urandom()

From Christian Heimes <christian@python.org>
Subject Re: patch request for os.urandom()
Date 2014-07-17 22:12 +0200
References <7xlhrrkf6h.fsf@ruckus.brouhaha.com>
Newsgroups comp.lang.python
Message-ID <mailman.11960.1405627956.18130.python-list@python.org> (permalink)

Show all headers | View raw

On 17.07.2014 20:34, Paul Rubin wrote:
> Could os.urandom() be patched to use the new Linux getrandom() system
> call on systems where it is available?  Further info:
> 
> http://lists.openwall.net/linux-kernel/2014/07/17/235
> 
> I've stopped posting to the Python bug tracker because the password
> management issues became too annoying.
> 

The feature will be implemented as soon as the first Linux distribution
comes with a kernel version that supports the new syscall. By the way
Python 3.4 is not vulnerable to fd exhaustion attack. The interpreter
keeps an open file descriptor on /dev/urandom. The wrapper code ensures
that the fd is not replaced.

Back to comp.lang.python | Previous | NextPrevious in thread | Find similar | Unroll thread

Thread

patch request for os.urandom() Paul Rubin <no.email@nospam.invalid> - 2014-07-17 11:34 -0700
  Re: patch request for os.urandom() Chris Angelico <rosuav@gmail.com> - 2014-07-18 04:44 +1000
  Re: patch request for os.urandom() Ned Deily <nad@acm.org> - 2014-07-17 12:37 -0700
  Re: patch request for os.urandom() Sturla Molden <sturla.molden@gmail.com> - 2014-07-17 21:54 +0200
  Re: patch request for os.urandom() Christian Heimes <christian@python.org> - 2014-07-17 22:12 +0200

csiph-web