[REBOL] Re: RWT: Cookies
From: rebol:laurent-chevalier at: 5-Mar-2003 8:24
I'm using this function to generate unique and secure session ID in my
build-id: has [ id ][
random/seed join now/precise either config/log-path [ checksum read
config/log-path ][ checksum to-string now/precise ]
id: make string! (config/session-key-length + 5)
loop config/session-key-length [ append id first random
not exists? to-file rejoin [config/session-dir id ext]
Note the definition of a unique seed with random/seed to avoid
repetition of ID.
I'm getting entropy that to checksum read configl/log-path that depends
on the users of the service and so can be guess by any hacker.
See the code and documentation at http://www.shlik.org/rsp
Maarten Koopmans wrote: