Make a unique filesystem path, without creating the file

Marko Rauhamaa marko at pacujo.net
Mon Feb 22 14:32:44 EST 2016


Jon Ribbens <jon+usenet at unequivocal.co.uk>:

> Suppose you had code like this:
>
>   filename = binascii.hexlify(os.urandom(16)).decode("ascii")
>
> Do we really think that is insecure or that there are any practical
> attacks against it? It would be basically the same as saying that
> urandom() is broken, surely?

urandom() is not quite random and so should not be considered
cryptographically airtight.

Under Linux, /dev/random is the way to go when strong security is
needed. Note that /dev/random is a scarce resource on ordinary systems.


Marko


More information about the Python-list mailing list