[issue16190] Misleading warning in random module docs

Changes by Donald Stufft donald.stu...@gmail.com: -- nosy: +dstufft ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190 ___ ___ Python-bugs-list

[issue16190] Misleading warning in random module docs

Antoine Pitrou added the comment: Done. -- resolution: - fixed stage: needs patch - committed/rejected status: open - closed versions: -Python 3.2 ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190

[issue16190] Misleading warning in random module docs

Roundup Robot added the comment: New changeset 9df0501fab35 by Antoine Pitrou in branch '3.3': Issue #16190: fix random module recommendation to use ssl.RAND_bytes(). http://hg.python.org/cpython/rev/9df0501fab35 New changeset 04b50a1eb013 by Antoine Pitrou in branch 'default': Issue #16190:

[issue16190] Misleading warning in random module docs

STINNER Victor added the comment: Why did you remove reference to ssl.RAND_bytes() on Python 3.3 from the notice? -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190 ___

[issue16190] Misleading warning in random module docs

Antoine Pitrou added the comment: As far as I understand, os.urandom() is fine for the task. There's no point in mentioning ssl.RAND_bytes() just because it exists, IMO. -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190

[issue16190] Misleading warning in random module docs

Christian Heimes added the comment: Thomas H. Ptacek pointed me to a good explanation: http://security.stackexchange.com/a/3939 TL;DR: Just use /dev/urandom and be happy. -- ___ Python tracker rep...@bugs.python.org

[issue16190] Misleading warning in random module docs

Antoine Pitrou added the comment: Agreed with a re-wording. -- nosy: +pitrou ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190 ___ ___

[issue16190] Misleading warning in random module docs

Changes by George Peristerakis peristera...@gmail.com: -- nosy: -George.Peristerakis ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190 ___ ___

[issue16190] Misleading warning in random module docs

Changes by George Peristerakis peristera...@gmail.com: -- nosy: +George.Peristerakis ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190 ___ ___

[issue16190] Misleading warning in random module docs

Changes by Raymond Hettinger raymond.hettin...@gmail.com: -- assignee: docs@python - rhettinger components: +Documentation nosy: +rhettinger priority: normal - low ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190

[issue16190] Misleading warning in random module docs

Changes by Ezio Melotti ezio.melo...@gmail.com: -- nosy: +ezio.melotti, haypo stage: - needs patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190 ___

[issue16190] Misleading warning in random module docs

STINNER Victor added the comment: See also the issue #15213 (and the issue #12754). -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190 ___ ___

[issue16190] Misleading warning in random module docs

New submission from Christian Heimes: The documentation [1] of the random module contains a misleading warning --- Warning: The generators of the random module should not be used for security purposes. Use ssl.RAND_bytes() if you require a cryptographically secure pseudorandom number

[issue16190] Misleading warning in random module docs

Georg Brandl added the comment: Sure, I'd propose a rewording that mentions both alternatives and when they should be used. -- nosy: +georg.brandl ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16190