Larry Hastings added the comment: os.getrandom() would be a thin shell around what the local OS provides, and has the advantage of behaving in a predictable manner. If you provide block=, its implementation and semantics will vary wildly between platforms.
* On Linux, block=False should be the default. block=True means it will use getrandom(), and block=False means it will use /dev/urandom except possibly getrandom(). * On FreeBSD, block=True will be the default, and block=False will either be ignored, or return an empty string (or throw an exception, depending on what would be a better error-handling mechanism, IDK). * On OS X, block=False would be the default, and block=True would be ignored, because the interface doesn't permit blocking to wait for additional entropy and generating higher-quality random bits. So, yes, the os module should *expose* the behavior of the underlying OS, rather than trying to paper over it. > there is a lot of code out there using os.urandom for it's security properties This is exactly why we should not change the behavior of os.urandom(). os.urandom() must not block on Linux. So defaulting to block=True on Linux is a non-starter. The argument "if we add a block parameter, then users can use it and benefit", is equivalent to saying "if we add a new function os.getrandom(), then users can use it and benefit". The user needs to be educated, and we can do that with either approach. However, if users want to write backwards-compatible code, it's a lot easier to detect the presence or lack of a new function (hasattr(os, "getrandom")) than to detect the presence or lack of a new parameter to an existing function (which, if we're lucky, we could do with inspect.signature, and if we're unlucky involves a try/except block). ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue27266> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
