Donald Stufft added the comment:

> Once this has been done, it will never block again, and happily send you poor 
> random data if the entropy pool has been completely wiped of any entropy data 
> - without telling you.

This doesn't actually happen in real life; once urandom has been initialized, 
you will never be able to get "poor random" out of it. You will get 
cryptographically secure random out of it always. *ACTUAL* Cryptographers 
pretty much universally agree on this statement. You can even use them for 
cryptographic keys, no matter how long it's been since your system booted as 
long as the urandom pool has had a chance to initialize.

> Or put differently: Where is the attack vector that blocking behavior of 
> os.urandom() would help remedy?

Someone attempting to use cryptographic random before the urandom pool has been 
sufficiently initialized to provide said random.

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue26839>
_______________________________________
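
The one case raised in the comment above, reading cryptographic random before the urandom pool has been initialized, can be detected from Python. This is an added example, not part of the original message or of CPython's code; it assumes Linux with `os.getrandom()` (Python 3.6+), and the names `csprng_ready`, `key_bytes` and `EntropyNotReady` are hypothetical.

```python
import os

# Linux value of GRND_NONBLOCK is 1; the fallback only matters where os lacks it.
GRND_NONBLOCK = getattr(os, "GRND_NONBLOCK", 1)


class EntropyNotReady(RuntimeError):
    """The kernel CSPRNG has not completed its initial seeding."""


def csprng_ready(getrandom=None):
    """True if the pool is initialized, False if not, None if unknowable here."""
    getrandom = getrandom or getattr(os, "getrandom", None)
    if getrandom is None:
        return None  # no getrandom() on this platform
    try:
        getrandom(1, GRND_NONBLOCK)
    except BlockingIOError:  # EAGAIN: pool not yet initialized
        return False
    return True


def key_bytes(n, wait=False, getrandom=None):
    """Return n bytes for key material, never drawn from an unseeded pool.

    wait=False fails fast with EntropyNotReady; wait=True blocks until seeded.
    """
    getrandom = getrandom or getattr(os, "getrandom", None)
    if getrandom is None:
        return os.urandom(n)  # assumption: os.urandom is the only interface here
    flags = 0 if wait else GRND_NONBLOCK
    out = b""
    while len(out) < n:  # getrandom() may return fewer bytes than requested
        try:
            out += getrandom(n - len(out), flags)
        except BlockingIOError:
            raise EntropyNotReady("kernel CSPRNG not initialized yet") from None
    return out


if __name__ == "__main__":
    print("pool initialized:", csprng_ready())
    print("key length:", len(key_bytes(32, wait=True)))
```

The `getrandom` parameter exists only so the uninitialized-pool path can be exercised with a stand-in on a machine whose pool is already seeded.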