On Sunday, 18 January 2015 at 00:51:37 UTC, Laeeth Isharc wrote:
On Saturday, 17 January 2015 at 16:55:42 UTC, Marc Schütz wrote:
On Saturday, 17 January 2015 at 14:37:00 UTC, Laeeth Isharc
wrote:
On Saturday, 17 January 2015 at 13:47:39 UTC, Marc Schütz
wrote:
[...]
I agree that it would be useful.
This is what I used, although there may be a better option:
http://dlang.org/phobos/std_uuid.html
Nice idea, but it still allows for intentional collision
attacks :-(
The only really safe solution is one that generates (probably)
unique names, then opens the file with O_EXCL|O_CREAT (or
whatever other means the OS provides), and if it fails,
retries with a different name. `std.stdio.tmpfile()` already
does that (it uses `tmpfile(3)` under the hood), but doesn't
allow access to the name.
I don't follow why a collision attack is applicable in this
case.
Your stage 1 of generating unique names: how is this different
from using a random uuid?
UUIDs are defined to be unique, not unpredictable. UUID that use
random number generation (UUID4) should use a cryptographically
secure random number generator but are not required to. Therefore
it shouldn't be blindly trusted against someone actively trying
to get a collision.