[Python-Dev] random.py still broken wrt. urandom (original) (raw)

Tim Peters tim.peters at gmail.com
Sat Sep 4 16:40:55 CEST 2004

[Martin v. Löwis]

I consider the random module still broken in its current form (1.66). It tries to invoke random.urandom(1) in order to find out whether urandom works. Instead, it should defer that determination until urandom is actually used;

Why?

i.e. instead of

if urandom is None: import time a = long(time.time() * 256) # use fractional seconds else: a = long(hexlify(urandom(16)), 16) it should read try: a = long(hexlify(os.urandom(16)), 16) except NotImplementedError: import time a = long(time.time() * 256) # use fractional seconds

Why? I like it better the way it is, in part because this kind of determination is made at least 4 times in random.py, and the "_urandom is None" spelling is quite clear. The

from binascii import hexlify as _hexlify

import certainly doesn't belong in the try/except block setting that up, though.

IMO the patch to random.py should not have been applied without a review.

I think that falls under the "expert rule": Raymond has done more work on random.py than everyone else combined over the last year or two, and he had no reason to suspect this change would be controversial. To the contrary, I specifically suggested (on python-dev) that using urandom in seed() methods, when available, would be a significant improvement over time.time()-based seeding.

Now that you've made your objection, I confess I still have no idea why you're objecting (see "why?" ). I did review the patch (after the fact) for numeric correctness (which did lead to changing the code, due to a subtle numeric flaw in the original HardwareRandom.random).

More information about the Python-Dev mailing list