Opened 19 months ago

Last modified 19 months ago

#27635 new Cleanup/optimization

django.utils.crypto should use secrets on Python 3.6+

Reported by: Adam (Chainz) Johnson Owned by: nobody
Component: Utilities Version: master
Severity: Normal Keywords:
Cc: aymeric.augustin@…, me@…, desecho@… Triage Stage: Someday/Maybe
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Aymeric discussing django.utils.crypto on mailing list:

While we’re there, we should use https://docs.python.org/3/library/secrets.html#module-secrets on Python >= 3.6.

Change History (4)

comment:1 Changed 19 months ago by Tim Graham

Triage Stage: Unreviewed → Accepted
Type: New feature → Cleanup/optimization

Specifically, it looks like that means in place of random.SystemRandom.

comment:2 Changed 19 months ago by Anton Samarchyan

Cc: desecho@… added
Has patch: set
Version: 1.10 → master

Added PR

comment:3 Changed 19 months ago by Tim Graham

Has patch: unset
Triage Stage: Accepted → Someday/Maybe

Python's secrets.py does from random import SystemRandom so this doesn't change any behavior or add security for now. Adam said, "Presumably the intention is that secrets might one day use a different PRNG on some OSes." Let's make the change if the benefits become more than theoretical or when only Python 3.6+ is supported.

Another possibility Aymeric mentioned, "In the long run I think we should deprecate get_random_string in favor of similar functions provided by the secrets module. I didn't check whether there was a sensible transition plan to make use of secrets on Python 3.6 while still supporting older versions."
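The transition plan Aymeric says he didn't check is straightforward to sketch. The following is an added example, not Django's own django.utils.crypto code: a get_random_string-style helper (the name, signature and default alphabet are assumptions modelled on Django's) that prefers secrets.choice when the secrets module exists and falls back to random.SystemRandom otherwise, plus a check that confirms the point in comment:3, namely that secrets.SystemRandom is the very same class as random.SystemRandom, so both paths draw from the same OS-backed generator.

```python
"""Added example (not Django's code): version-tolerant random string helper.

Prefers the ``secrets`` module (Python 3.6+) and falls back to
random.SystemRandom on older interpreters. On current CPython both paths
end up in os.urandom, which is why comment:3 calls the switch theoretical.
"""
import random
import string

try:
    import secrets  # available on Python 3.6+
except ImportError:  # older interpreters: no secrets module at all
    secrets = None

# SystemRandom is backed by os.urandom, i.e. the OS CSPRNG, on every platform.
_sysrand = random.SystemRandom()

# Assumed default alphabet, modelled on Django's (letters and digits).
DEFAULT_ALPHABET = string.ascii_letters + string.digits


def get_random_string(length=12, allowed_chars=DEFAULT_ALPHABET):
    """Return `length` characters drawn uniformly from `allowed_chars`.

    Uses secrets.choice when the secrets module exists, otherwise
    random.SystemRandom().choice. Both are Random.choice, which picks an
    index with rejection sampling rather than a modulo over the alphabet,
    so no character is favoured however long the alphabet is.
    """
    if length < 0:
        raise ValueError("length must be non-negative")
    if not allowed_chars:
        raise ValueError("allowed_chars must not be empty")
    choose = secrets.choice if secrets is not None else _sysrand.choice
    return "".join(choose(allowed_chars) for _ in range(length))


def secrets_wraps_system_random():
    """True when secrets.SystemRandom is literally random.SystemRandom
    (secrets.py does `from random import SystemRandom`); None when the
    secrets module is unavailable, so callers can tell the cases apart."""
    if secrets is None:
        return None
    return secrets.SystemRandom is random.SystemRandom


if __name__ == "__main__":
    print(get_random_string(24))
    print("secrets reuses random.SystemRandom:", secrets_wraps_system_random())
```

Because the fallback and the preferred path share one generator, the shim costs a single attribute lookup at call time; the benefit it buys is only that a future secrets implementation with a different OS-specific source would be picked up automatically, which is exactly the "more than theoretical" condition the comment above sets for making the change.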

comment:4 in reply to: 3 Changed 19 months ago by Emett Speer

Replying to Tim Graham:

Python's secrets.py does from random import SystemRandom so this doesn't change any behavior or add security for now. Adam said, "Presumably the intention is that secrets might one day use a different PRNG on some OSes." Let's make the change if the benefits become more than theoretical or when only Python 3.6+ is supported.

Another possibility Aymeric mentioned, "In the long run I think we should deprecate get_random_string in favor of similar functions provided by the secrets module. I didn't check whether there was a sensible transition plan to make use of secrets on Python 3.6 while still supporting older versions."

I'm with you on this. The vast majority of people are not going to use this for a long time, and it will add an extra bit of overhead just to support an update in a single version of Python that none of the big distros ship. Once more of the Django community has migrated to Python 3.6+, it would be worth looking into.
