#1180: Django session key generation flawed
-----------------------------------+----------------------------------------
Reporter: [EMAIL PROTECTED] | Owner: nobody
Status: reopened | Component: Admin interface
Version: | Resolution:
Keywords: | Stage: Accepted
Has_patch: 0 | Needs_docs: 0
Needs_tests: 0 | Needs_better_patch: 0
-----------------------------------+----------------------------------------
Comment (by ubernostrum):
Replying to [comment:21 Densetsu no Ero-sennin
<[EMAIL PROTECTED]>]:
> Does `session_key` field necessarily needs to be a PK? If we change
Session model to have a plain auto-incremented integer primary key and use
`unique=True` for `session_key` field, collisions can be avoided
completely since there will be no chance to `INSERT` two different
sessions with equal session keys.
Actually there is, because some databases (SQLite) can re-use primary key
values if rows have been deleted from the table, which means it's possible
for two users get the same "incremented" primary key value on their
sessions.
--
Ticket URL: <http://code.djangoproject.com/ticket/1180#comment:22>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
