Paul Rubin <no.email@nospam.invalid>: >>> http://www.2uo.de/myths-about-urandom/ >> Did you post the link because you agreed with the Web pamphlet? > > I don't know what web pamphlet you mean,
The only one linked above. Cryptography is tricky business, indeed. I know enough about it not to improvise too much. Infinitesimal weaknesses can make a difference between feasible and unfeasible attacks. > but the right thing to use now is getrandom(2). getrandom(2) is a good interface that distinguishes between the flag values 0 => /dev/urandom GRND_RANDOM => /dev/random GRND_RANDOM | GRND_NONBLOCK => /dev/random (O_NONBLOCK) However, although os.urandom() delegates to getrandom(), the documentation suggests it uses the flag value 0 (/dev/urandom). > The random/urandom interface was poorly designed and misleadingly > documented. It could be better I suppose, but I never found it particularly bad. The nice thing about it is that it is readily usable in shell scripts. Marko -- https://mail.python.org/mailman/listinfo/python-list