[Python-Dev] Remove tempfile.mktemp()

Anders Munch ajm at flonidan.dk
Wed Mar 20 08:25:36 EDT 2019

Steven D'Aprano:
>> 128 bits seems like overkill: There's no birthday attack because 
>> no-one keeps 2^(ENTROPY_BITS/2) files around
> You haven't seen my Downloads folder... :-)

I put it to you that those files are not temporary :-)

> Why be so miserly with entropy?

I don't necessarily disagree.  

> Using 128 bits is just 22 characters using secrets.token_urlsafe().

A little more when you take into account case-insensitive file systems.

regards, Anders

More information about the Python-Dev mailing list