Or is it better to use something like:
random = random.SystemRandom()
because it does not use the Mersenne Twister?
-Ulrich
Ulrich wrote:
Hi,
I have a short question on a security aspect. To generate something
like a session ID or other random strings that need to be secure and
unpredictable, I would use a code like this one:
# start of the script (will be called 1 time when instance is loaded?)
import os
import random
import string
random.seed(os.urandom(24))
# later in the code
class Test(webapp.RequestHandler):
def get(self):
topsecret =
u''.join([random.choice(string.digits+string.uppercase+string.lowercase
) for c in range(16)])
Is this secure? Or is topsecret predictable if you know previous
values of topsecret that were generated by the same instance?
-Ulrich
--
You received this message because you are subscribed to the Google Groups "Google
App Engine" group.
To post to this group, send email to google-appeng...@googlegroups.com.
To unsubscribe from this group, send email to
google-appengine+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-appengine?hl=en.
