[Python-Dev] Remove tempfile.mktemp()
ajm at flonidan.dk
Wed Mar 20 08:25:36 EDT 2019
>> 128 bits seems like overkill: There's no birthday attack because
>> no-one keeps 2^(ENTROPY_BITS/2) files around
> You haven't seen my Downloads folder... :-)
I put it to you that those files are not temporary :-)
> Why be so miserly with entropy?
I don't necessarily disagree.
> Using 128 bits is just 22 characters using secrets.token_urlsafe().
A little more when you take into account case-insensitive file systems.
More information about the Python-Dev