diff options
author | Dwayne C. Litzenberger <dlitz@dlitz.net> | 2009-08-28 12:22:27 -0400 |
---|---|---|
committer | Dwayne C. Litzenberger <dlitz@dlitz.net> | 2009-08-28 12:27:52 -0400 |
commit | 02e3976a18bb08e13464184b702ddeebd5c8b74b (patch) | |
tree | fe14bd6bf46fdc2d55d6247e66de1eeab72b3a56 | |
parent | 5236ec3b7fa1204a36bd5aebd880b9468c961e9e (diff) | |
download | pycrypto-02e3976a18bb08e13464184b702ddeebd5c8b74b.tar.gz |
Random: Improve the comment attached to _UserFriendlyRNG#_check_pid
-rw-r--r-- | lib/Crypto/Random/_UserFriendlyRNG.py | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/Crypto/Random/_UserFriendlyRNG.py b/lib/Crypto/Random/_UserFriendlyRNG.py index 58b2246..fd40e96 100644 --- a/lib/Crypto/Random/_UserFriendlyRNG.py +++ b/lib/Crypto/Random/_UserFriendlyRNG.py @@ -123,7 +123,15 @@ class _UserFriendlyRNG(object): return retval def _check_pid(self): - # Lame fork detection to remind the user not to use the same PRNG between forked processes. + # Lame fork detection to remind developers to invoke Random.atfork() + # after every call to os.fork(). Note that this check is not reliable, + # since process IDs can be reused on most operating systems. + # + # You need to do Random.atfork() in the child process after every call + # to os.fork() to avoid reusing PRNG state. If you want to avoid + # leaking PRNG state to child processes (for example, if you are using + # os.setuid()) then you should also invoke Random.atfork() in the + # *parent* process. if os.getpid() != self._pid: raise AssertionError("PID check failed. RNG must be re-initialized after fork(). Hint: Try Random.atfork()") |