Python's os.urandom() in the absence of entropy
Python's os.urandom() in the absence of entropy
[Security] Posted Jul 10, 2016 14:29 UTC (Sun) by corbet
Python applications, like those written in other languages, often need to
obtain random data for purposes ranging from cryptographic key generation
to initialization of scientific models. For years, the standard way of
getting that data is
via a call to os.urandom(), which is documented to "return a
string of n random bytes suitable for cryptographic use.
" An
enhancement in Python 3.5 caused a subtle change in how
os.urandom() behaves on Linux systems, leading to some long,
heated discussions
about how randomness should be obtained in Python programs. When the dust
settles, Python benevolent dictator for life (BDFL) Guido van Rossum will
have the unenviable task of choosing between two competing proposals.