From: Raymond Hettinger Date: Sat, 8 Mar 2014 17:56:08 +0000 (-0800) Subject: Improve the default seeding in random module to use 32 bytes of entropy when available. X-Git-Tag: v2.7.7rc1~146 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4c150e0bd2707b88d41d1dec5321b25848f97ac7;p=python Improve the default seeding in random module to use 32 bytes of entropy when available. --- diff --git a/Lib/random.py b/Lib/random.py index 1a3a13ee86..2f2f0915e2 100644 --- a/Lib/random.py +++ b/Lib/random.py @@ -108,7 +108,7 @@ class Random(_random.Random): if a is None: try: - a = long(_hexlify(_urandom(16)), 16) + a = long(_hexlify(_urandom(32)), 16) except NotImplementedError: import time a = long(time.time() * 256) # use fractional seconds diff --git a/Misc/NEWS b/Misc/NEWS index 635c33b571..e974ee442d 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -44,6 +44,10 @@ Library as documented. The pattern and source keyword parameters are left as deprecated aliases. +- Improve the random module's default seeding to use 256 bits of entropy + from os.urandom(). This was already done for Python 3, mildly improving + security with a bigger seed space. + - Issue #15618: Make turtle.py compatible with 'from __future__ import unicode_literals'. Initial patch by Juancarlo Añez.