From fc65d164ab328c2bd3fc5de3998be481316b8fac Mon Sep 17 00:00:00 2001
From: "M.Shibuya"
Date: Sun, 23 Jun 2019 12:25:01 +0900
Subject: [PATCH] Make cache_id unpredictable. Closes #2326 A random number up to 10^(15+4) is almost equivalent to 64 bits of entropy, it should be enough for preventing easy-guessing. Refs. 818ad989
---
 lib/carrierwave/uploader/cache.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/carrierwave/uploader/cache.rb b/lib/carrierwave/uploader/cache.rb
index 4fdbf66ed..0b74a080f 100644
--- a/lib/carrierwave/uploader/cache.rb
+++ b/lib/carrierwave/uploader/cache.rb
@@ -25,9 +25,9 @@ def self.increment
 #
 def self.generate_cache_id
 [Time.now.utc.to_i,
- Process.pid,
- '%04d' % (CarrierWave::CacheCounter.increment % 10000),
- '%04d' % SecureRandom.random_number(10000)
+ SecureRandom.random_number(1_000_000_000_000_000),
+ '%04d' % (CarrierWave::CacheCounter.increment % 10_000),
+ '%04d' % SecureRandom.random_number(10_000)
 ].map(&:to_s).join('-')
 end
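Review bot: The new second field, `SecureRandom.random_number(1_000_000_000_000_000)`, is emitted unpadded, so the id's length varies from call to call while the two fields after it are fixed at four digits via `'%04d'`. Formatting it the same way, `'%015d' % SecureRandom.random_number(1_000_000_000_000_000)`, keeps every id the same width without changing the entropy, which makes strict format validation and log matching simpler. The field can now be up to 15 digits where a PID was much shorter, so any cache-id pattern check elsewhere in the project (not visible in this hunk) should be confirmed to accept it. The doc comment above `generate_cache_id` starts outside the hunk and is not touched by this commit; if it still describes the second field as the process id, it should be updated to say the field is random.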