Issue #23458: On POSIX, the file descriptor kept open by os.urandom() is now
set to non inheritable
diff --git a/Lib/test/test_os.py b/Lib/test/test_os.py
index e84f457..e60faae 100644
--- a/Lib/test/test_os.py
+++ b/Lib/test/test_os.py
@@ -10,6 +10,7 @@
import signal
import subprocess
import sysconfig
+import textwrap
import time
try:
import resource
@@ -568,6 +569,33 @@
data2 = self.get_urandom_subprocess(16)
self.assertNotEqual(data1, data2)
+ def test_urandom_fd_non_inheritable(self):
+ # Issue #23458: os.urandom() keeps a file descriptor open, but it
+ # must be non inheritable
+ fd_status = test_support.findfile("fd_status.py", subdir="subprocessdata")
+
+ # Need a two subprocesses because the Python test suite opens other
+ # inheritable file descriptors, whereas the test is specific to
+ # os.urandom() file descriptor
+ code = textwrap.dedent("""
+ import os
+ import subprocess
+ import sys
+
+ # Ensure that the /dev/urandom file descriptor is open
+ os.urandom(1)
+
+ exitcode = subprocess.call([sys.executable, %r],
+ close_fds=False)
+ sys.exit(exitcode)
+ """ % fd_status)
+
+ proc = subprocess.Popen([sys.executable, "-c", code],
+ stdout=subprocess.PIPE, close_fds=True)
+ output, error = proc.communicate()
+ open_fds = set(map(int, output.rstrip().split(',')))
+ self.assertEqual(open_fds - set(range(3)), set())
+
HAVE_GETENTROPY = (sysconfig.get_config_var('HAVE_GETENTROPY') == 1)