[Python-Dev] Changing the order of iteration over a dictionary

Nick Coghlan ncoghlan at gmail.com
Fri Jan 20 12:32:04 CET 2012

On Fri, Jan 20, 2012 at 8:49 PM, Mark Shannon <mark at hotpy.org> wrote:
> So, don't be afraid to change that hash function :)

Changing it for 3.3 isn't really raising major concerns: the real
concern is with changing it in maintenance and security patches for
earlier releases. Security patches that may break production
applications aren't desirable, since it means admins have to weigh up
the risk of being affected by the security vulnerability against the
risk of breakage from the patch itself.

The collision counting approach was attractive because it looked like
it might offer a way out that was less likely to break deployed
systems. Unfortunately, I think the point Martin raised about just
opening a new (even more subtle) attack vector kills that idea dead.


Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia

More information about the Python-Dev mailing list