Message241863
| Author | christian.heimes |
|---|---|
| Recipients | christian.heimes, gurnec, mark.dickinson, rhettinger, serhiy.storchaka, skip.montanaro |
| Date | 2015-04-23.12:07:36 |
| SpamBayes Score | -1.0 |
| Marked as misclassified | Yes |
| Message-id | <1429790857.19.0.925224154305.issue23974@psf.upfronthosting.co.za> |
| In-reply-to |
| Content | |
|---|---|
IMO it's not a security issue at all. If you have to care about security, you shouldn't use the random module at all. random.SystemRandom() merely uses a CPRNG as entropy source. But It also manipulates numbers in ways that may or may not be safe. Only os.getrandom() returns unmodified and unbiased random numbers -- iff the operating system provides a proper CPRNG. |
|
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2015-04-23 12:07:37 | christian.heimes | set | recipients: + christian.heimes, skip.montanaro, rhettinger, mark.dickinson, serhiy.storchaka, gurnec |
| 2015-04-23 12:07:37 | christian.heimes | set | messageid: <1429790857.19.0.925224154305.issue23974@psf.upfronthosting.co.za> |
| 2015-04-23 12:07:37 | christian.heimes | link | issue23974 messages |
| 2015-04-23 12:07:36 | christian.heimes | create | |