Steven D'Aprano wrote:
- Linux /dev/urandom doesn't block, but it might return predictable,
poor-quality pseudo-random bytes (i.e. a potential exploit);
- Other OSes may block for potentially many minutes (i.e. a
potential DOS).
It's even possible that it could block *forever*.
There was a case here recently in the cosc dept where students were
running Clojure programs in a virtual machine environment. When
they updated to a newer version of Clojure, everyone's programs
started hanging on startup. It turned out the Clojure library was
initialising its RNG from /dev/random, and the VM didn't have any
real spinning disks or other devices to provide entropy.
--
Greg
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
