the hash initialization with the current time(2) (seconds since 1970) is not
random enough in my opinion.
Attackers could guess and inject entries tailored to this specific second (or the ones around it).
If you use timebased tehcnologies, try gettimeofday() and use the fractional part tv_usec perhaps.?
Log in to post a comment.