Message267817
| Author |
Lukasa |
| Recipients |
Colm Buckley, Lukasa, Theodore Tso, alex, christian.heimes, doko, dstufft, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane |
| Date |
2016年06月08日.09:30:10 |
| SpamBayes Score |
-1.0 |
| Marked as misclassified |
Yes |
| Message-id |
<1465378210.76.0.166782523032.issue26839@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
> You're right, it's remotely possible that on platforms where /dev/urandom
> could block, Python startup could therefore also block. And I'm not
> proposing we fix that, as so far nobody has reported it as a problem.
>
> This suggests to me that yes I'm talking specifically about the regression
> on Linux in the 3.5 series.
Ok, so with that clarification I personally would prefer Victor's patch from #27266, but can also understand wanting to leave the codebase as-is. Either way would be consistent with your goals, Larry. Victor's patch is more secure, but does cause os.urandom to diverge from the semantics of /dev/urandom in extreme conditions (specifically, early boot) on Linux.
That's your tradeoff to make, Larry. =) I think both sides have been well-argued here. Thanks for clarifying. |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2016年06月08日 09:30:10 | Lukasa | set | recipients:
+ Lukasa, lemburg, rhettinger, doko, vstinner, larry, christian.heimes, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, dstufft, thomas-petazzoni, Colm Buckley, Theodore Tso |
| 2016年06月08日 09:30:10 | Lukasa | set | messageid: <1465378210.76.0.166782523032.issue26839@psf.upfronthosting.co.za> |
| 2016年06月08日 09:30:10 | Lukasa | link | issue26839 messages |
| 2016年06月08日 09:30:10 | Lukasa | create |
|