[issue13703] Hash collision security issue
Guido van Rossum
report at bugs.python.org
Wed Jan 18 20:08:19 CET 2012
Guido van Rossum <guido at python.org> added the comment:
On Wed, Jan 18, 2012 at 10:59 AM, Marc-Andre Lemburg <report at bugs.python.org
> wrote:
>
> Marc-Andre Lemburg <mal at egenix.com> added the comment:
>
> STINNER Victor wrote:
> >
> > Patch version 7:
> > - Make PyOS_URandom() private (renamed to _PyOS_URandom)
> > - os.urandom() releases the GIL for I/O operation for its
> implementation reading /dev/urandom
> > - move _Py_unicode_hash_secret_t documentation into unicode_hash()
> >
> > I moved also fixes for tests in a separated patch:
> random_fix-tests.patch.
>
> Don't you think that the number of corrections you have to apply in order
> to get the tests working again shows how much impact such a change would
> have in real-world applications ?
>
> Perhaps we should start to think about a compromise: make both the
> collision counting and the hash seeding optional and let the user
> decide which option is best.
>
I like this, esp. if for old releases the collision counting is on by
default and the hash seeding is off by default, while in 3.3 both should be
on by default. Different env vars or flags should be used to enable/disable
them.
> BTW: The patch still includes the unnecessary
> _Py_unicode_hash_secret.suffix
> which needlessly complicates the code and doesn't any additional
> protection against hash value collisions.
>
> ----------
>
> _______________________________________
> Python tracker <report at bugs.python.org>
> <http://bugs.python.org/issue13703>
> _______________________________________
>
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
More information about the Python-bugs-list
mailing list