Make a unique filesystem path, without creating the file

Steven D'Aprano steve at pearwood.info
Mon Feb 22 18:45:37 EST 2016


On Tue, 23 Feb 2016 06:22 am, Paul Rubin wrote:

> Chris Angelico <rosuav at gmail.com> writes:
>>> I was under the impression that the point of UUIDs is that you can be
>>> *so* confident that there won't be a collision that for all practical
>>> purposes it's indistinguishable from being certain.
>> Maybe, if everyone's cooperating. I'm not sure how they fare in the
>> face of malice though.
> 
> There are different UUID algorithms, some of which have useful syntax
> but are easy to spoof.  Uuid4 is random and implemented properly, should
> be hard to spoof.

I'm not sure what you mean by "spoof" in this context. Do you mean generate
collisions?

Do you mean "pretend to generate a UUID, but without actually doing so"?
That's how I interpret "spoof", but I don't quite understand why that would
be difficult. Here's one I just made now:

{00010203-0405-0607-0809-0a0b0c0d0e0f}

And another:

{836313e2-3b8a-53f2-9b90-0c9ade199e5d}

They weren't hard to spoof :-)


-- 
Steven



More information about the Python-list mailing list