I'm building a web application using sqlalchemy in my db layer. Some of the tables require single integer primary keys which might be exposed in some parts of the web interface. If users can guess the next key in a sequence, it might be possible for them to 'game' or manipulate the system in unexpected ways. I want to avoid this by generating a random key for each row ID, and have decided to use the same approach for all my single key tables.
Are there any best practices for implementing this? If the random module is suitable, does anyone have any good ideas on how this could be implemented? Some questions which came to mind are: Would I need to save and restore the random module state when generating id's for each table? What would be an appropriate seed? How many random integers can I generate before a repeat becomes probable? I've got my own ideas for implementing this, but am interested to see how/if anyone else has tackled the same problem. -Sw. -- http://mail.python.org/mailman/listinfo/python-list