Schnitzer, Jeff wrote:
> I've already patched the 4.1.12 version we are running with the fix that
> is currently in CVS.  Unfortunately our only notification of when the
> problem occurs is when users notice (which they probably wouldn't unless
> they acquired an administrative session) and choose to inform us.  I
> won't "know" the fix worked without waiting some number of weeks.

You could increment a variable to list the number of duplicates detected. The patch should guarantee uniqueness of the ids, and this is supposed to fix the issue.

> One thing to contemplate is that if you have 100,000 sessions and you
> get 10 new sessions created every second, that's the equivalent of 1
> million inadvertent hack attempts every single second.  Granted that's
> still small compared to the total size of a truly randomly generated
> 128-bit number, but I wouldn't run a banking application on it.

In theory, the odds are so small it just cannot happen. I can't reproduce an id collision so far.

Remy
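
The duplicate counter suggested in the reply and the collision arithmetic from the quoted message, as an added example that is not part of the original thread or Tomcat's code. `SessionIdRegistry`, `collisions_per_second` and `implied_id_bits` are hypothetical names, ids are assumed uniformly random, and the three-week interval is a constructed value.

```python
import math
import secrets

class SessionIdRegistry:
    """Hypothetical id issuer: unique among live sessions, counts duplicates."""

    def __init__(self, id_bits=128, rng=secrets.randbits):
        self.id_bits = id_bits
        self.rng = rng                  # callable(bits) -> int
        self.live = set()               # ids of sessions that are still valid
        self.duplicates_detected = 0    # the counter suggested in the reply

    def new_id(self):
        while True:
            candidate = self.rng(self.id_bits)
            if candidate not in self.live:
                self.live.add(candidate)
                return candidate
            # The generator repeated a live id: count it and draw again,
            # so no two live sessions ever share an id.
            self.duplicates_detected += 1

    def expire(self, session_id):
        self.live.discard(session_id)

def collisions_per_second(live_sessions, new_per_second, id_bits=128):
    """Expected new ids per second that equal some live id (uniform ids)."""
    return live_sessions * new_per_second / 2 ** id_bits

def implied_id_bits(live_sessions, new_per_second, seconds_between_collisions):
    """Size (in bits) of a uniform id space that would collide this often."""
    return math.log2(live_sessions * new_per_second * seconds_between_collisions)

if __name__ == "__main__":
    rate = collisions_per_second(100_000, 10)       # figures from the thread
    print(f"expected collisions/second at 128 bits: {rate:.2e}")
    print(f"expected years to first collision: {1 / rate / 31_557_600:.2e}")
    three_weeks = 21 * 24 * 3600                    # constructed interval
    print(f"bits implied by one collision per 3 weeks: "
          f"{implied_id_bits(100_000, 10, three_weeks):.1f}")
```

A nonzero `duplicates_detected` on a generator that is meant to deliver 128 uniform bits points at the generator rather than at chance.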

