[Catalyst] Production session issue - commercial support inquiry?

Wade Stuart wbs at grepit.net
Fri Jan 9 20:50:57 GMT 2009


Have you looked at trying to replace the seed generator for the session (or
if you have, have you verified it actually has enough entropy for your
load)?  I could imagine given enough preforks and hit rate that the default
seed could allow for some collisions.  I would expect it would take a very
high hit rate -- if so you may need to pull more than 20 bytes of random to
get enough entropy. Examples from the POD below:

In the hopes that those combined values are entropic enough for most uses.
If this is not the case you can replace session_hash_seed with e.g.

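    sub session_hash_seed {
        # Return 20 raw bytes from the kernel entropy pool as the seed.
        open my $fh, "<", "/dev/random" or die "Cannot open /dev/random: $!";
        read $fh, my $bytes, 20;
        close $fh;
        return $bytes;
    }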

Or even more directly, replace generate_session_id:

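    sub generate_session_id {
        # Use 20 random bytes directly as the ID, hex-encoded to 40 characters.
        open my $fh, "<", "/dev/random" or die "Cannot open /dev/random: $!";
        read $fh, my $bytes, 20;
        close $fh;
        return unpack("H*", $bytes);
    }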



--

Thanks!

Wade Stuart

Phone:  917-363-6164
IM: SpaceMuscles
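
Added example, not part of the original message or of Catalyst::Plugin::Session: one way to verify a seed function for duplicate session IDs under a prefork load, as the message suggests. weak_seed is a constructed stand-in (not the plugin's default seed), urandom_seed and count_collisions are hypothetical helper names, and the worker and per-worker counts are arbitrary.

```perl
#!/usr/bin/perl
# Added example: count duplicate session IDs issued by preforked workers.
use strict;
use warnings;
use Digest::SHA qw(sha1_hex);

# Constructed weak seed (NOT the plugin's default): per-process counter,
# wall-clock second and rand(). All three are identical in every child
# forked from a parent whose PRNG was already seeded.
my $counter = 0;
sub weak_seed { return join '', ++$counter, time(), rand() }

# Seed from the kernel CSPRNG; /dev/urandom is used so the check never blocks.
sub urandom_seed {
    open my $fh, '<:raw', '/dev/urandom' or die "open /dev/urandom: $!";
    my $got = read $fh, my $bytes, 20;
    close $fh;
    die "short read from /dev/urandom\n" unless defined $got && $got == 20;
    return $bytes;
}

# Fork $workers children that each emit $per_child IDs; return how many
# IDs had already been issued by some worker.
sub count_collisions {
    my ($seed_fn, $workers, $per_child) = @_;
    my @kids;
    for (1 .. $workers) {
        my $pid = open(my $kid, '-|') // die "fork: $!";
        if (!$pid) {    # child: STDOUT is the pipe back to the parent
            print sha1_hex($seed_fn->()), "\n" for 1 .. $per_child;
            exit 0;
        }
        push @kids, $kid;
    }
    my %seen;
    my $dups = 0;
    for my $kid (@kids) {
        while (my $id = <$kid>) { $dups++ if $seen{$id}++ }
        close $kid;    # also reaps the child
    }
    return $dups;
}

srand(1);    # model a parent that touched rand() before preforking
my $weak   = count_collisions(\&weak_seed,    8, 200);
my $strong = count_collisions(\&urandom_seed, 8, 200);
printf "weak seed:    %d duplicate IDs out of %d\n", $weak,   8 * 200;
printf "urandom seed: %d duplicate IDs out of %d\n", $strong, 8 * 200;
```

A non-zero count means separate workers are handing out the same session ID; pass your own seed function to count_collisions to test it at your worker count.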