How good is security via hashing
geremy condra
debatem1 at gmail.com
Tue Jun 7 17:41:55 EDT 2011
On Tue, Jun 7, 2011 at 1:42 PM, Paul Rubin <no.email at nospam.invalid> wrote:
> geremy condra <debatem1 at gmail.com> writes:
>> # adds random junk to the filename- should make it hard to guess
>> rrr = os.urandom(16)
>> fname += base64.b64encode(rrr)
>
> Don't use b64 output in a filename -- it can have slashes in it! :-(
>
> Simplest is to use old fashioned hexadeimal for stuff like that, unless
> the number of chars is a significant problem. Go for a more complicated
> encoding if you must.
Eeesh, that completely slipped my mind. Thanks for pointing it out.
Geremy Condra
More information about the Python-list
mailing list