[issue13703] Hash collision security issue
Antoine Pitrou
report at bugs.python.org
Sat Jan 21 23:45:29 CET 2012
Antoine Pitrou <pitrou at free.fr> added the comment:
> You said above that it should be hardcoded; if so, how can it be changed
> at run-time from an environment variable? Or am I misunderstanding.
You're right, I used the wrong word. I meant it should be a constant
independently of the dict size. But, indeed, not hard-coded in the
source.
> > > BTW, presumably if we do it, we should do it for sets as well?
> >
> > Yeah, and use the same env var / sys function.
>
> Despite the "DICT" in the title? OK.
Well, dict is the most likely target for these attacks.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
More information about the Python-bugs-list
mailing list