On Wed, Jan 4, 2012 at 8:21 AM, "Martin v. Löwis" <mar...@v.loewis.de> wrote: >> Have you read the following sentence: >> >> “Since some platforms may not have /dev/urandom, we need a PRNG in the >> core, too. I therefore propose to move the Mersenne twister from >> randommodule.c into the core, too.” > > I disagree. We don't need a PRNG on platforms without /dev/urandom or > any other native RNG. > Initializing the string-hash seed to 0 is perfectly fine on those > platforms; we can do slightly better by using, say, the current > time (in ms or µs if available) and the current pid (if available). > > People concerned with the security on those systems either need to > switch to a different system, or provide a patch to access the > platform's native random number generator.
+1 (especially given how far back this is going to be ported) Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
