Christian Heimes added the comment: New plan:
* Add a new uint64 _Py_HashSecret.random_seed * On 'import random' seed random.Random() from _Py_HashSecret.random_seed + gettimeofday().tv_sec + gettimeofday().tv_usec + id(self). That way subinterpreters get a different init state. On systems with a good entropy source, _Py_HashSecret will be filled with cryptographically strong material. On early boot / VM scenarios the situation is a bit degraded but still properly good enough. It's better than to seed from a bad RNG or just from time.time(). ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue27272> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
