On 7/12/06, Felix Ingram <[EMAIL PROTECTED]> wrote:
>
> On 7/12/06, Jyrki Pulliainen <[EMAIL PROTECTED]> wrote:
> >
> > On 7/12/06, Felix Ingram <[EMAIL PROTECTED]> wrote:
> > > > salt = sha.new(str(random.random())).hexdigest()[:5]
> >
> > Dunno is this really a developer question, but is there really a point
> > using sha there? That one could be done without sha too using
> > random.getrandbits(bits), eg.:
> >
> > ('%x' % random.getrandbits(128))[:5]
> >
> > Not as pretty as the sha-solution, but a bit more efficent and not
> > using the 'useless' sha there.
>
> I don't see a problem with your solution. I just copied the existing
> code. I wouldn't worry about efficency (though I suspect you're not
> really) given the number of times this function is likely to be used.
> Sha'ing random won't make it any more random; I suppose it's just down
> to personal preference.Yeah, that's propably not so time critical. This was just general wondering :) By the way, you could mention on the wiki page, that user shouldn't use your script on any server which admin(s) he/she cannot trust. Linux is as secure as any else if the admin worth trusting. :) Also, the history file can be done unreadable by other users if it's not already so (chmod 0700 ~/.bash_history) -- Jyrki // [EMAIL PROTECTED] --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---
