Re: lazy evaluation of a variable

[Terry Reedy]

On 6/17/2012 5:35 PM, Gelonida N wrote:


I'm having a module, which should lazily evaluate one of it's variables.


If you literally mean a module object, that is not possible. On the 
other hand, it is easy to do with class instances, via the __getattr__ 
special method or via properties.



At the moment I don't know how to do this and do therefore following:
### mymodule.py ###
var = None

def get_var():
 global var
 if var is not None:
 return var
 var = something_time_consuming()



Now the importing code would look like

import mymodule
def f():
 var = mymodule.get_var()

The disadvantage is, that I had to change existing code directly
accessing the variable.



I wondered if there were any way to change mymodule.py such, that the
importing code could just access a variable and the lazy evaluation
would happen transparently.

import mymodule
def f():
 var = mymodule.var


You could now do (untested, too late at night)
# mymodule.py
class _Lazy():
  def __getattr__(self, name):
if name == 'var':
  self.var = something_time_consuming()
  return self.var

lazy = _Lazy()

# user script
from mymodule import lazy
def f():
  var = lazy.var

See Peter's post for using properties instead. That probably scales 
better for multiple lazy attibutes.


--
Terry Jan Reedy



--
http://mail.python.org/mailman/listinfo/python-list

Re: Academic citation of Python

[Curt]

On 2012-06-18, Ben Finney  wrote:
>> >
>> > Actually it's "van Rossum, Guido", not "Rossum, Guido van". The
>> > "van" is part of the family name, not a middle name. It's like "da
>> > Vinci, Leonardo" or "von Sydow, Max". On one occasion Guido
>> > complained that Americans always get his name wrong.
>>
>> I've read that now he prefers Guido V. Rossum, Jr.
>
> Citation needed.

Sorry:

;-)
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: How does python bytecode works?

[Kushal Kumaran]

On Mon, Jun 18, 2012 at 1:23 AM, Devin Jeanpierre
 wrote:
> On Sun, Jun 17, 2012 at 5:54 AM, gmspro  wrote:
>>
>> We know python is written in C.
>> C is not portable.
>
> Badly written C is not portable. But C is probably the most portable
> language on the planet, by virtue of basically every system having a C
> compiler backend.
>
> The issue is that a lot of people make nonportable assumptions about
> C, and runtimes / OSes / architectures are free to make lots of very
> weird decisions.
>
> For example, this code is not strictly universally-compatible C. It is
> "portable" in that the changes required to make it run on any system
> are trivial, but not in the sense that it should be able to compile
> without any changes. (Not unless a cheeky/smart compiler is involved,
> anyway).
>
> int main () {
>    return 0;
> }
>
> Instead of 0, it should "technically" return EXIT_SUCCESS AIUI. Most
> people don't care because EXIT_SUCCESS is 0 almost everywhere.
>

In the interests of pedantry, I will point out that the C standard
requires implementation to treat both 0 and EXIT_SUCCESS to be treated
as successful exits.  The implementation must translate this to
whatever the environment treats as successful termination of the
program.  Ref: specification of the exit(int) function.

>> So how does python work on a webserver like apache/httpd for a python
>> website?
>> How does the intermediate language communicate with server without
>> compiling python code?
>
> Apache is written in C, and can embed CPython. This is easy enough,
> because CPython is written in C, and C works well with other C code.
> CPython itself can communicate with Python code, because it is
> directly responsible for running Python code. So the server
> communicates with CPython, and CPython communicates with the Python
> code. At no time does Python code ever "directly" touch anything other
> than the interpreter.
>
>
> The bytecode doesn't really have much to do with all this, except that
> it is the specific thing that CPython works with.
>

-- 
regards,
kushal
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Academic citation of Python

[Ben Finney]

Curt  writes:

> On 2012-06-16, Christian Heimes  wrote:
> >
> > Actually it's "van Rossum, Guido", not "Rossum, Guido van". The
> > "van" is part of the family name, not a middle name. It's like "da
> > Vinci, Leonardo" or "von Sydow, Max". On one occasion Guido
> > complained that Americans always get his name wrong.
>
> I've read that now he prefers Guido V. Rossum, Jr.

Citation needed.

-- 
 \ “Alternative explanations are always welcome in science, if |
  `\   they are better and explain more. Alternative explanations that |
_o__) explain nothing are not welcome.” —Victor J. Stenger, 2001-11-05 |
Ben Finney
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Is that safe to use ramdom.random() for key to encrypt?

[Andrew Berg]

On 6/17/2012 7:07 PM, Jon Clements wrote:
> I'm reminded of:
> 
> http://xkcd.com/936/
> http://xkcd.com/792/
> 
> There's also one where it's pointed out it's easier to brute force a 
> person who has the code, than brute force the computer. [but can't find 
> that one at the moment]

http://xkcd.com/538/
-- 
CPython 3.3.0a4 | Windows NT 6.1.7601.17803
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Is that safe to use ramdom.random() for key to encrypt?

[Jon Clements]

On Sun, 17 Jun 2012 23:17:37 +, Steven D'Aprano wrote:

> On Mon, 18 Jun 2012 08:41:57 +1000, Chris Angelico wrote:
> 
>> On Mon, Jun 18, 2012 at 3:06 AM, Rafael Durán Castañeda
>>  wrote:
>>> The language Python includes a SystemRandom class that obtains
>>> cryptographic grade random bits from /dev/urandom on a Unix-like
>>> system, including Linux and Mac OS X, while on Windows it uses
>>> CryptGenRandom.
>> 
>> /dev/urandom isn't actually cryptographically secure; it promises not
>> to block, even if it has insufficient entropy. But in your instance...
> 
> Correct. /dev/random is meant to be used for long-lasting
> cryptographically-significant uses, such as keys. urandom is not.
> 
> http://en.wikipedia.org/wiki//dev/random
> 
> 
>>> Do you think is secure enough for token generation? (40 chars long
>>> tokens are used for password reset links in a website, there isn't any
>>> special security concern for the web).
>> 
>> ... it probably is fine, since password reset tokens don't need to be
>> as secure as encryption keys (if anyone _does_ figure out how to
>> predict your password resets, all they'll be able to do is lock people
>> out of their accounts one by one, not snoop on them all unbeknownst,
>> and you'll be able to see log entries showing the resets - you DO log
>> them, right?). In fact, you could probably get away with something
>> pretty trivial there, like a SHA1 of the current timestamp, the user
>> name, and the user's current password hash. The chances that anybody
>> would be able to exploit that are fairly low, given that you're not a
>> bank or other high-profile target.
> 
> If I were an identity thief, I would *love* low-profile targets. Even
> though the payoff would be reduced, the cost would be reduced even more:
> 
> - they tend to be complacent, even more so than high-profile targets;
> 
> - they tend to be smaller, with fewer resources for security;
> 
> - mandatory disclosure laws tend not to apply to them;
> 
> - they don't tend to have the resources to look for anomalous usage
>   patterns, if they even cared enough to want to.
> 
> 
> If there was a Facebook-like website that wasn't Facebook[1], but still
> with multiple tens of thousands of users, I reckon a cracker who didn't
> vandalise people's accounts could steal private data from it for *years*
> before anyone noticed, and months or years more before they did
> something about it.
> 
> 
> 
> [1] And very likely a Facebook-like website that *was* Facebook. I
> reckon the odds are about 50:50 that FB would prefer to keep a breach
> secret than risk the bad publicity by fixing it.
> 
> 
> --
> Steven

I'm reminded of:

http://xkcd.com/936/
http://xkcd.com/792/

There's also one where it's pointed out it's easier to brute force a 
person who has the code, than brute force the computer. [but can't find 
that one at the moment]




-- 
http://mail.python.org/mailman/listinfo/python-list

Re: How does python bytecode works?

[Dan Stromberg]

On Sun, Jun 17, 2012 at 2:54 AM, gmspro  wrote:

> We know python is written in C.
>
Yes, at least CPython is.  Of course, java is written in C, as are many
other languages.


> C is not portable.
>
C gives you lots of rope to hang yourself with, but if you use C well, it's
more portable than anything else, including the "portable" languages (the
ones that don't give you much rope).


> So how does python work on a webserver like apache/httpd for a python
> website?
>
I guess this is kind of like asking how you breathe.  Python just gets
exec'd or dlopen'd or something.


> How does the intermediate language communicate with server without
> compiling python code?
>
CPython is to .pyc as java is to .class.  They're both byte-compiled.  Java
is more commonly JIT compiled than CPython, but Python in general does
allow JIT compilation.

IOW, CPython is compiled, it just doesn't burden the developer with a
separate compile step.


> Or how does python interpreted code work with webserver for python based
> websites?
>
Please see above.


> Please elaborate/explain this topic with example.
>
You may get better answers if you get into more specifics about what your
question really is.
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: lazy evaluation of a variable

[Jose H. Martinez]

Another option would be to refactor your function so that it is a generator
expression using the yield keyword.


On Sun, Jun 17, 2012 at 7:40 PM, Peter Otten <__pete...@web.de> wrote:

> Gelonida N wrote:
>
> > I'm having a module, which should lazily evaluate one of it's variables.
> > Meaning that it is evaluated only if anybody tries to use this variable.
> >
> > At the moment I don't know how to do this and do therefore following:
> >
> >
> > ### mymodule.py ###
> > var = None
> >
> > def get_var():
> >  global var
> >  if var is not None:
> >  return var
> >  var = something_time_consuming()
> >
> >
> >
> > Now the importing code would look like
> >
> > import mymodule
> > def f():
> >  var = mymodule.get_var()
> >
> > The disadvantage is, that I had to change existing code directly
> > accessing the variable.
> >
> >
> > I wondered if there were any way to change mymodule.py such, that the
> > importing code could just access a variable and the lazy evaluation
> > would happen transparently.
> >
> > import mymodule
> > def f():
> >  var = mymodule.var
> >
> >
> >
> > Thanks in advance for you suggestions
>
> You can inject arbitrary objects into sys.modules:
>
> >>> import sys
> >>> class MyModule(object):
> ... def __init__(self):
> ... self._var = None
> ... @property
> ... def var(self):
> ... result = self._var
> ... if result is None:
> ... print "calculating..."
> ... self._var = result = 42
> ... return result
> ...
> >>> sys.modules["mymodule"] = MyModule()
> >>> import mymodule
> >>> mymodule.var
> calculating...
> 42
> >>> mymodule.var
> 42
>
>
> --
> http://mail.python.org/mailman/listinfo/python-list
>
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Is that safe to use ramdom.random() for key to encrypt?

[Paul Rubin]

Steven D'Aprano  writes:
>> /dev/urandom isn't actually cryptographically secure; it promises not to
>> block, even if it has insufficient entropy. But in your instance...
>
> Correct. /dev/random is meant to be used for long-lasting 
> cryptographically-significant uses, such as keys. urandom is not.

They are both ill-advised if you're doing anything really serious.  In
practice if enough entropy has been in the system to make a key with
/dev/random, then urandom should also be ok.  Unfortunately the sensible
interface is missing: block until there's enough entropy, then generate
data cryptographically, folding in new entropy when it's available.

http://web.archive.org/web/20081003041432/http://www.pinkas.net/PAPERS/gpr06.pdf
 
has gory details of how random/urandom work.

If you're really paranoid, get one of these: http://www.entropykey.co.uk/
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: lazy evaluation of a variable

[Peter Otten]

Gelonida N wrote:

> I'm having a module, which should lazily evaluate one of it's variables.
> Meaning that it is evaluated only if anybody tries to use this variable.
> 
> At the moment I don't know how to do this and do therefore following:
> 
> 
> ### mymodule.py ###
> var = None
> 
> def get_var():
>  global var
>  if var is not None:
>  return var
>  var = something_time_consuming()
> 
> 
> 
> Now the importing code would look like
> 
> import mymodule
> def f():
>  var = mymodule.get_var()
> 
> The disadvantage is, that I had to change existing code directly
> accessing the variable.
> 
> 
> I wondered if there were any way to change mymodule.py such, that the
> importing code could just access a variable and the lazy evaluation
> would happen transparently.
> 
> import mymodule
> def f():
>  var = mymodule.var
> 
> 
> 
> Thanks in advance for you suggestions

You can inject arbitrary objects into sys.modules:

>>> import sys
>>> class MyModule(object):
... def __init__(self):
... self._var = None
... @property
... def var(self):
... result = self._var
... if result is None:
... print "calculating..."
... self._var = result = 42
... return result
... 
>>> sys.modules["mymodule"] = MyModule()
>>> import mymodule
>>> mymodule.var
calculating...
42
>>> mymodule.var
42


-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Is that safe to use ramdom.random() for key to encrypt?

[Steven D'Aprano]

On Mon, 18 Jun 2012 08:41:57 +1000, Chris Angelico wrote:

> On Mon, Jun 18, 2012 at 3:06 AM, Rafael Durán Castañeda
>  wrote:
>> The language Python includes a SystemRandom class that obtains
>> cryptographic grade random bits from /dev/urandom on a Unix-like
>> system, including Linux and Mac OS X, while on Windows it uses
>> CryptGenRandom.
> 
> /dev/urandom isn't actually cryptographically secure; it promises not to
> block, even if it has insufficient entropy. But in your instance...

Correct. /dev/random is meant to be used for long-lasting 
cryptographically-significant uses, such as keys. urandom is not.

http://en.wikipedia.org/wiki//dev/random

 
>> Do you think is secure enough for token generation? (40 chars long
>> tokens are used for password reset links in a website, there isn't any
>> special security concern for the web).
> 
> ... it probably is fine, since password reset tokens don't need to be as
> secure as encryption keys (if anyone _does_ figure out how to predict
> your password resets, all they'll be able to do is lock people out of
> their accounts one by one, not snoop on them all unbeknownst, and you'll
> be able to see log entries showing the resets - you DO log them,
> right?). In fact, you could probably get away with something pretty
> trivial there, like a SHA1 of the current timestamp, the user name, and
> the user's current password hash. The chances that anybody would be able
> to exploit that are fairly low, given that you're not a bank or other
> high-profile target.

If I were an identity thief, I would *love* low-profile targets. Even 
though the payoff would be reduced, the cost would be reduced even more:

- they tend to be complacent, even more so than high-profile targets;

- they tend to be smaller, with fewer resources for security;

- mandatory disclosure laws tend not to apply to them;

- they don't tend to have the resources to look for anomalous usage
  patterns, if they even cared enough to want to.


If there was a Facebook-like website that wasn't Facebook[1], but still 
with multiple tens of thousands of users, I reckon a cracker who didn't 
vandalise people's accounts could steal private data from it for *years* 
before anyone noticed, and months or years more before they did something 
about it.



[1] And very likely a Facebook-like website that *was* Facebook. I reckon 
the odds are about 50:50 that FB would prefer to keep a breach secret 
than risk the bad publicity by fixing it.


-- 
Steven
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: lazy evaluation of a variable

[Steven D'Aprano]

On Mon, 18 Jun 2012 07:44:47 +1000, Cameron Simpson wrote:

> On 17Jun2012 23:35, Gelonida N  wrote: | I'm having
> a module, which should lazily evaluate one of it's variables. | Meaning
> that it is evaluated only if anybody tries to use this variable.
> 
> If it were an object member you could use a property. Does it need to be
> a module global?
> 
> In related news, can one make "properties" for modules? I was wondering
> about this a month or so ago.


There have been various half-hearted requests for such a feature, 
including by myself, but nothing concrete.

One day, in my Copious Spare Time, I intend to write a proper feature 
request and/or PEP for such a feature. Obviously the absolute earliest 
such a feature could be introduced is Python 3.4, about 18 months from 
now. (Although frankly, I would imagine significant opposition from the 
more conservative Python developers.)


-- 
Steven
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Is that safe to use ramdom.random() for key to encrypt?

[Chris Angelico]

On Mon, Jun 18, 2012 at 3:06 AM, Rafael Durán Castañeda
 wrote:
> The language Python includes a SystemRandom class that obtains cryptographic
> grade random bits from /dev/urandom on a Unix-like system, including Linux
> and Mac OS X, while on Windows it uses CryptGenRandom.

/dev/urandom isn't actually cryptographically secure; it promises not
to block, even if it has insufficient entropy. But in your instance...

> Do you think is secure enough for token generation? (40 chars long tokens
> are used for password reset links in a website, there isn't any special
> security concern for the web).

... it probably is fine, since password reset tokens don't need to be
as secure as encryption keys (if anyone _does_ figure out how to
predict your password resets, all they'll be able to do is lock people
out of their accounts one by one, not snoop on them all unbeknownst,
and you'll be able to see log entries showing the resets - you DO log
them, right?). In fact, you could probably get away with something
pretty trivial there, like a SHA1 of the current timestamp, the user
name, and the user's current password hash. The chances that anybody
would be able to exploit that are fairly low, given that you're not a
bank or other high-profile target.

ChrisA
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: lazy evaluation of a variable

[Cameron Simpson]

On 17Jun2012 23:35, Gelonida N  wrote:
| I'm having a module, which should lazily evaluate one of it's variables.
| Meaning that it is evaluated only if anybody tries to use this variable.

If it were an object member you could use a property.
Does it need to be a module global?

In related news, can one make "properties" for modules? I was wondering
about this a month or so ago.
-- 
Cameron Simpson 

If your new theorem can be stated with great simplicity, then there
will exist a pathological exception.- Adrian Mathesis
-- 
http://mail.python.org/mailman/listinfo/python-list

lazy evaluation of a variable

[Gelonida N]

Hi,

I'm not sure whether what I ask for is impossible, but would know how 
others handle such situations.




I'm having a module, which should lazily evaluate one of it's variables.
Meaning that it is evaluated only if anybody tries to use this variable.

At the moment I don't know how to do this and do therefore following:


### mymodule.py ###
var = None

def get_var():
global var
if var is not None:
return var
var = something_time_consuming()



Now the importing code would look like

import mymodule
def f():
var = mymodule.get_var()

The disadvantage is, that I had to change existing code directly 
accessing the variable.



I wondered if there were any way to change mymodule.py such, that the 
importing code could just access a variable and the lazy evaluation 
would happen transparently.


import mymodule
def f():
var = mymodule.var



Thanks in advance for you suggestions





--
http://mail.python.org/mailman/listinfo/python-list

Re: Threads vs subprocesses

[Cameron Simpson]

On 18Jun2012 00:17, John O'Hagan  wrote:
| On Sat, 16 Jun 2012 13:27:45 -0400
| Dennis Lee Bieber  wrote:
| > Not "after each event is read" but when a new event is
| > generated/inserted. The list is not a FIFO where new events are added to
| > the end, but more of a priority queue where the lowest time is the next
| > to be retrieved.
| 
| You're right, of course.

Thought I'd point out that a heapq works nicely for this, or it has for
me in this scenario , anyway.
-- 
Cameron Simpson 
-- 
http://mail.python.org/mailman/listinfo/python-list

Cross-platform mobile application written in Python

[Alex Susu]

 Hello.

  I would like to point you to a project that I worked on lately: iCam, a
video surveillance cross-platform mobile application (Android, Symbian,
iOS, WinCE) written in Python, which uploads normally media to YouTube and
Picasa. The project can be found at
http://code.google.com/p/icam-mobile-revival/ (also at http://go.to/slog).

  I would be happy to answer questions related to the project and
appreciate if you can provide me feedback.

  With best regards,
Alex Susu
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: How does python bytecode works?

[Devin Jeanpierre]

On Sun, Jun 17, 2012 at 5:54 AM, gmspro  wrote:
>
> We know python is written in C.
> C is not portable.

Badly written C is not portable. But C is probably the most portable
language on the planet, by virtue of basically every system having a C
compiler backend.

The issue is that a lot of people make nonportable assumptions about
C, and runtimes / OSes / architectures are free to make lots of very
weird decisions.

For example, this code is not strictly universally-compatible C. It is
"portable" in that the changes required to make it run on any system
are trivial, but not in the sense that it should be able to compile
without any changes. (Not unless a cheeky/smart compiler is involved,
anyway).

int main () {
return 0;
}

Instead of 0, it should "technically" return EXIT_SUCCESS AIUI. Most
people don't care because EXIT_SUCCESS is 0 almost everywhere.

> So how does python work on a webserver like apache/httpd for a python
> website?
> How does the intermediate language communicate with server without
> compiling python code?

Apache is written in C, and can embed CPython. This is easy enough,
because CPython is written in C, and C works well with other C code.
CPython itself can communicate with Python code, because it is
directly responsible for running Python code. So the server
communicates with CPython, and CPython communicates with the Python
code. At no time does Python code ever "directly" touch anything other
than the interpreter.


The bytecode doesn't really have much to do with all this, except that
it is the specific thing that CPython works with.

-- Devin
-- 
http://mail.python.org/mailman/listinfo/python-list

[ANNC] vbot-0.3

[Lee Harr]

vBot is a visual programming game.
    Use a small set of command tiles to build a program.
    The program must control the vBot and make it activate
    every target using the limited command set.

It is meant to be an easy environment for introducing
    some programming concepts to beginning programmers.


https://bitbucket.org/leeharr/vbot


This release adds several new levels and organizes them by
    level of difficulty. It also adds several new features.


vBot is tested with Python 2.7.3 and PyQt 4.9.1

vBot is released under GPLv3.


Changes in vbot-0.3:
    - Added success dialog with option to go to next level
    - Sorted levels by difficulty and concept
    - Added utility for re-sorting levels by difficulty
    - Backspace key removes last tile in active function
    - Added ability to remember a player's completed levels online
    - server code not included with this distribution...

  
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: How does python bytecode works?

[Terry Reedy]

On 6/17/2012 5:54 AM, gmspro wrote:

We know python is written in C.


Nope. The CPython Python interpreter is written in (as portable as 
possible) C. The Jython, IronPython, and PyPy Python interpreters are 
written in Jave, C#, and Python respectively. Each compiles Python to 
something different. I presume each (normally) saves the compiled form 
until the source changes. CPython compiles to CPython-specific bytecode. 
It saves the bytecode as a .pyc file in a .__cache__ subdirectory (in 3.2+).



C is not portable.


Yes it is (mostly). CPython has been compilied, with minor adjustments, 
on numerous (>20) systems.



So how does python work on a webserver like apache/httpd for a python
website?


The website has a Python interpreter.


How does the intermediate language communicate with server without
compiling python code?


The Python interpreter of the website *does* compile Python code to 
whatever it compiles to.


--
Terry Jan Reedy



--
http://mail.python.org/mailman/listinfo/python-list

Re: How can i build python3 without optimization?

[Kev Dwyer]

gmspro wrote:

> I tried this:
> CFLAG=-g ./configure --prefix=/home/user/localdir
> 
> But during debugging python i get:
> 
> (gdb)next
> (gdb)print variable
> (gdb)$1 = 
> 
> What should i do?
> How can i get the value of a variable instead of  ?
> 
> Thanks.


Maybe try: http://docs.python.org/devguide/setup.html#compiling-for-
debugging

-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Is that safe to use ramdom.random() for key to encrypt?

[Rafael Durán Castañeda]

El 17/06/12 06:48, Chris Angelico escribió:

On Sun, Jun 17, 2012 at 2:18 PM, Steven D'Aprano
  wrote:

Safe from what? What is your threat model? Are you worried about your
little sister reading your diary? Or the NSA discovering your plans to
assassinate the President? Or something in between?

Python's random module is not cryptographically strong, which means that
it will probably take an organisation like the NSA, MI5, ASIO, Mossad,
etc. about 10 or 20 minutes to crack your password. But your little
sister will probably take a hundred million years to guess it.

Your little sister would quite possibly be kept off by rot13, which
everyone knows isn't cryptographically secure. All it takes is making
something look encrypted and most people won't bother to try (plus
it's the whole "this isn't public kthx" thing, which many people will
respect).

Of course, if you're just trying to fool the BOFH's technical manager,
it's even easier.

http://bofh.ch/newbofh/bofh4oct.html

ChrisA

Hi,

When generating random strings I usually do something like this 
wikepedia extract (http://en.wikipedia.org/wiki/Random_password_generator):


The language Python 
 
includes a SystemRandom class that obtains cryptographic grade random 
bits from /dev/urandom on a Unix-like system, including Linux and Mac OS 
X, while on Windows it uses CryptGenRandom.^[4] 
 
^[5] 
 
Here is a simple Python 2 script that demonstrates the use of this class:


#!/usr/bin/python
import  random,  string
myrg=  random.SystemRandom()
length=  10
# If you want non-English characters, remove the [0:52]
alphabet=  string.letters[0:52]  +string.digits
pw=  str().join(myrg.choice(alphabet)  for  _in  range(length))
print  pw

Do you think is secure enough for token generation? (40 chars long tokens are 
used for password reset links in a website, there isn't any special security 
concern for the web).


-- 
http://mail.python.org/mailman/listinfo/python-list

How can i build python3 without optimization?

[gmspro]

I tried this:
CFLAG=-g ./configure --prefix=/home/user/localdir

But during debugging python i get:

(gdb)next
(gdb)print variable
(gdb)$1 = 

What should i do?
How can i get the value of a variable instead of  ?

Thanks.
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Python 3.3.0a4, please add ru'...'

[jmfauth]

On 17 juin, 15:48, Christian Heimes  wrote:
> Am 17.06.2012 14:11, schrieb jmfauth:
>
> > I noticed this at the 3.3.0a0 realease.
>
> > The main motivation for this came from this:
> >http://bugs.python.org/issue13748
>
> > PS I saw the dev-list message.
>
> > PS2 Opinion, if not really useful, consistency nver hurts.
>
> We are must likely drop the ur"" syntax as it's not compatible with
> Python 2.x's raw unicode notation.http://bugs.python.org/issue15096
>
> Christian


Yes, but on the other side, "you" (core developers) have reintroduced
the
messs of the unicode literal, now *assume* it (logiccally).

If the core developers have introduced rb'' or br' (Py2)' because they
never
know if the have to type "rb" or "br" (me too), what a beginner should
thing about "ur" and "ru"?

Finally, the ultimate argument: what it is Python 3 supposed to be?
A Python 2 derivative for lazy (ascii) programmers or an appealing
clean and coherent language?

jmf




-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Pythonic cross-platform GUI desingers ?? la Interface Builder (Re: what gui designer is everyone using)

[Chris Angelico]

On Sun, Jun 17, 2012 at 7:01 PM, Chris Fox  wrote:
> On 17/06/2012 03:42, Chris Angelico wrote:
>> I want to promote Linux as a replacement for Windows. But I do not
>> see that Linux needs to be able to run Internet Explorer in order
>> to do that. Maybe when people move to a replacement, they need to
>> learn a slightly different way of doing things; and in this case, I
>> would strongly recommend the "build your UI in code" method.
>>
>> ChrisA
>
> So you use wget on linux and read the html code in a terminal? That
> would seem to be a reasonable analogy.
>
> (a different) Chris

Well, I have been known to use wget, a simple HTML-to-text converter,
and watch... made for a fairly simple monitor for something that had a
browser-based status display. But no, I don't go to that extent. That
would be analogous to abolishing GUI frameworks altogether and
expecting everyone to use and write command-line tools. We're talking
here about building your own program, and whether or not you can use a
GUI to build a GUI. Most other interfaces aren't built using
themselves; look at web-based web site builders, they almost
universally suck (and those that don't suck are special-purpose
things, like MediaWiki, that just happen to be able to be used to
build a web site). WYSIWYG HTML editors have become rather better now
than they were (say) 10-15 years ago, but I still believe in
hand-writing HTML and CSS (or using straight-forward tools) for best
results.

ChrisA
(keeping the A(ngelico) on the name to distinguish from all the other
geeky Chrises, of whom there are a good few on this list)
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Academic citation of Python

[Curt]

On 2012-06-16, Christian Heimes  wrote:
>
> Actually it's "van Rossum, Guido", not "Rossum, Guido van". The "van" is
> part of the family name, not a middle name. It's like "da Vinci,
> Leonardo" or "von Sydow, Max". On one occasion Guido complained that
> Americans always get his name wrong.

I've read that now he prefers Guido V. Rossum, Jr.
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Threads vs subprocesses

[John O'Hagan]

On Sat, 16 Jun 2012 13:27:45 -0400
Dennis Lee Bieber  wrote:

> On Sat, 16 Jun 2012 20:01:12 +1000, John O'Hagan
>  declaimed the following in
> gmane.comp.python.general:
> 
> > 
> > That looks like a possible way to do all the streams in a single thread,
> > although it works a little differently from your outline above if I
> > understand you correctly, in that only the events know their start times
> > and they are produced by iterators which can be modified on the fly and
> > which can be added and removed from the overall process at any time, so
> > it's not possible to know in advance which iterator will produce the
> > chronologically next event. I think
> 
>   Which is why I mentioned processing all events at a time-point, then
> iterate for the next events if any are generated -- and a "time-ordered"
> (aka; priority) list, so the new events are positioned in the correct
> sequence against any other events that are in it.
 
Now I get it, I thought you meant generating all events ahead of time.

> > that means that any ordered list of events would have to be re-ordered after
> > each event is read. It might be worth a try though. I notice there is simpy
> > for
> 
>   Not "after each event is read" but when a new event is
> generated/inserted. The list is not a FIFO where new events are added to
> the end, but more of a priority queue where the lowest time is the next
> to be retrieved.

You're right, of course.

> > discrete event simulation in python. I'll look into it, thanks.
> >
>   One major difference is that traditional discrete event simulation
> uses a false clock -- the simulation time advances to the next (first
> pending) event time immediately. You'd need to modify that operation to
> put in a real-time clock "sleep until" effect.

My events are already handled that way so that's easy - the hard part is the
more complex logic required by doing it without threads. Or maybe it's just
different, I'm in the process of getting my head around it; thanks for the
pointers.

John
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Python 3.3.0a4, please add ru'...'

[Christian Heimes]

Am 17.06.2012 14:11, schrieb jmfauth:
> I noticed this at the 3.3.0a0 realease.
> 
> The main motivation for this came from this:
> http://bugs.python.org/issue13748
> 
> PS I saw the dev-list message.
> 
> PS2 Opinion, if not really useful, consistency nver hurts.

We are must likely drop the ur"" syntax as it's not compatible with
Python 2.x's raw unicode notation. http://bugs.python.org/issue15096

Christian

-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Python 3.3.0a4, please add ru'...'

[Steven D'Aprano]

On Sun, 17 Jun 2012 05:11:25 -0700, jmfauth wrote:

> PS2 Opinion, if not really useful, consistency nver hurts.

If you're doing something useless or harmful, why would you want to do 
more of it for the sake of consistency?

"Consistency" requires somebody to write the code in the first place, 
which isn't free. If you don't have to pay for it, *somebody* pays for 
it, even if it is only in their own time and effort. That's a real cost.

Somebody has to write the code, update the documentation and create tests 
for it. Somebody else has to review the code. Every single time Python's 
test suite is run, extra tests are run. More code means greater chance of 
bugs or regressions. These are real costs.

Python programmers have to learn the new functionality, which may or may 
not be simple. Every time they write a string, they have to decide which 
delimiter to use: currently, there are 16 in Python 2, and a similar 
number in Python 3 (more? fewer? I'm honestly not sure). That decision 
isn't free. Your proposal would add four more string delimiters.

Now these may all be *small* costs, perhaps. They might be small enough 
that consistency for its own sake outweighs those costs. Maybe. But 
consistency doesn't happen for free. So it is not true that consistency 
*never* hurts. Consistency ALWAYS hurts, at least a bit, because it adds 
complexity. The only question is whether or not the benefit outweighs the 
harm. Often it will, but that can't be taken for granted.

"A foolish consistency is the hobgoblin of little minds"
- Ralph Waldo Emerson



-- 
Steven
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Python 3.3.0a4, please add ru'...'

[jmfauth]

On 17 juin, 13:30, Christian Heimes  wrote:
> Am 16.06.2012 19:36, schrieb jmfauth:
>
> > Please consistency.
>
> Python 3.3 supports the ur"" syntax just as Python 2.x:
>
> $ ./python
> Python 3.3.0a4+ (default:4c704dc97496, Jun 16 2012, 00:06:09)
> [GCC 4.6.3] on linux
> Type "help", "copyright", "credits" or "license" for more information.>>> ur""
>
> ''
> [73917 refs]
>
> Neither Python 2 nor Python 3 supports ru"". I'm a bit astonished that
> rb"" works in Python 3 as it doesn't work in Python 2.7. But br"" works
> everywhere.
>
> Christian

I noticed this at the 3.3.0a0 realease.

The main motivation for this came from this:
http://bugs.python.org/issue13748

PS I saw the dev-list message.

PS2 Opinion, if not really useful, consistency nver hurts.

jmf
-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Python 3.3.0a4, please add ru'...'

[Christian Heimes]

Am 16.06.2012 19:36, schrieb jmfauth:
> Please consistency.

Python 3.3 supports the ur"" syntax just as Python 2.x:

$ ./python
Python 3.3.0a4+ (default:4c704dc97496, Jun 16 2012, 00:06:09)
[GCC 4.6.3] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> ur""
''
[73917 refs]


Neither Python 2 nor Python 3 supports ru"". I'm a bit astonished that
rb"" works in Python 3 as it doesn't work in Python 2.7. But br"" works
everywhere.

Christian

-- 
http://mail.python.org/mailman/listinfo/python-list

Re: How does python bytecode works?

[Kev Dwyer]

gmspro wrote:

> We know python is written in C.
> C is not portable.
> So how does python work on a webserver like apache/httpd for a python
> website? How does the intermediate language communicate with server
> without compiling python code? Or how does python interpreted code work
> with webserver for python based websites?
> 
> Please elaborate/explain this topic with example.
> 
> Thanks.

http://en.wikipedia.org/wiki/Bytecode

-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Python 3.3.0a4, please add ru'...'

[Serhiy Storchaka]

On 16.06.12 20:36, jmfauth wrote:

u'a'

'a'

ur'a'

'a'


Please, never use u'' in new Python 3 code. This is only for 
compatibility with Python 2. And Python 2 does not support ru''.


--
http://mail.python.org/mailman/listinfo/python-list

How does python bytecode works?

[gmspro]

We know python is written in C.
C is not portable.
So how does python work on a webserver like apache/httpd for a python website?
How does the intermediate language communicate with server without compiling 
python code?
Or how does python interpreted code work with webserver for python based 
websites?

Please elaborate/explain this topic with example.

Thanks.

-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Academic citation of Python

[Stefan Behnel]

Dennis Lee Bieber, 17.06.2012 02:46:
> On Sat, 16 Jun 2012 20:25:29 -0400, Terry Reedy
> declaimed the following in gmane.comp.python.general:
> 
>> Thank you for the correction. I was going by an old book (1996) he 
>> co-wrote that just had 'Rossum' on the spine. I guess that must have 
>> been done without consulting him and must have annoyed him.
> 
>   If ALL they had on the spine was "Rossum", that may have been
> correct usage for a surname only reference. The "van", "von", "da"
> prefixes sort of translate to "of the" and for a book spine "of the XYZ"
> may be meaningless unless the given name is included, a la "ABC of the
> XYZ"...

It's a bit like using "New York" as a surname, when you refer to that guy
Jason who was born there, as in "Jason of New York".

Stefan

-- 
http://mail.python.org/mailman/listinfo/python-list

Re: Pythonic cross-platform GUI desingers ?? la Interface Builder (Re: what gui designer is everyone using)

[Chris Fox]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 17/06/2012 03:42, Chris Angelico wrote:
> On Fri, Jun 15, 2012 at 7:47 AM, Dietmar Schwertberger 
>  wrote:
>> The point is, that if you want to promote Python as replacement 
>> for e.g. VB, Labview etc., then an easy-to-use GUI builder is
>> required. The typical GUI programs will just have an input mask,
>> a button and one or two output fields.
> 
> I want to promote Linux as a replacement for Windows. But I do not
> see that Linux needs to be able to run Internet Explorer in order
> to do that. Maybe when people move to a replacement, they need to
> learn a slightly different way of doing things; and in this case, I
> would strongly recommend the "build your UI in code" method.
> 
> ChrisA

So you use wget on linux and read the html code in a terminal? That
would seem to be a reasonable analogy.

(a different) Chris


-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk/dnQUACgkQ/UgLKfoJxI6FzgCg0zRwrwQJwwCMatEEMhYyMvPN
eGsAn111DGx2lgo7Y6vMJr0EcD+zGDHD
=GjZF
-END PGP SIGNATURE-
-- 
http://mail.python.org/mailman/listinfo/python-list