#1180: Django session key generation flawed
-----------------------------------+----------------------------------------
Reporter: [EMAIL PROTECTED] | Owner: adrian
Status: reopened | Component: Admin interface
Version: | Resolution:
Keywords: | Stage: Accepted
Has_patch: 0 | Needs_docs: 0
Needs_tests: 0 | Needs_better_patch: 0
-----------------------------------+----------------------------------------
Comment (by [EMAIL PROTECTED]):
We recently got into problem when using Django over FastCGI. It appears
that the Python's own random number generator is initialized with random
seed just before starting to fork processes. This way all fcgi processes
got the "same" random number generator. The possibility to get duplicates
rose so high, that we had to add additionally PID value to session key
generation salt.
--
Ticket URL: <http://code.djangoproject.com/ticket/1180#comment:20>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
