moo.core.tests.test_security_random

Security audit: random module

Tests potential attack vectors when adding ‘random’ to ALLOWED_MODULES. Pass 17 focus: new module addition.

Functions

test_random_Random_class_no_dunder_access()	Random class dunder attributes blocked by underscore guard.
test_random_SystemRandom_safe()	SystemRandom is a Random subclass using os.urandom, has same safety props.
test_random_basic_usage()	Confirm basic random module functions work as expected.
test_random_constants_safe()	Module-level constants (BPF, LOG4, etc.) are safe numeric values.
test_random_getstate_no_dangerous_attrs()	getstate() returns a plain tuple with no dangerous attributes.
test_random_hasattr_respects_INSPECT_ATTRIBUTES()	Confirm hasattr() on random objects checks INSPECT_ATTRIBUTES.
test_random_instance_no_dunder_access()	Random instance dunder attributes blocked by underscore guard.
test_random_module_no_submodule_traversal()	random module exports are classes/functions/constants, not submodules.
test_random_no_dunder_access()	Underscore guard blocks dunder attributes on the random module.
test_random_no_format_methods()	Random objects don't expose format/format_map methods.
test_random_no_frame_attributes()	INSPECT_ATTRIBUTES guard blocks frame attrs even if they existed.
test_random_no_module_attributes()	Random class attributes are functions/methods/constants, not modules.
test_random_respects_underscore_guard()	Confirm random objects respect the global underscore attribute guard.
test_random_seed_setstate_task_isolated()	seed() and setstate() manipulate module-level state safely.