Message 267690 - Python tracker (original) (raw)

Christian -

Please note: this is not just a VM/cloud issue. This is observed on physical standalone systems.

The issue (on Debian) is that the Python script xxxx is called very early in the boot process; in particular before most hardware initialization is done. As there are yet no network or USB devices configured, there is no entropy pool to speak of. We observe that getrandom() blocks apparently indefinitely under these circumstances (even though this script has no requirement for random data apart from the hash secret).

My final suggestion is that we return to using a command-line flag to indicate our preferences regarding hash seed initialization; although reverse the sense compared to the -R flag in 3.2.3 (ie: default is to use strong initialization, but allow the user to over-ride just as though PYTHONHASHSEED were set in the environment.)