Christian Heimes added the comment: IMO it's not a security issue at all. If you have to care about security, you shouldn't use the random module at all. random.SystemRandom() merely uses a CPRNG as entropy source. But It also manipulates numbers in ways that may or may not be safe.
Only os.getrandom() returns unmodified and unbiased random numbers -- iff the operating system provides a proper CPRNG. ---------- nosy: +christian.heimes _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue23974> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
