[Python-Dev] Counting collisions for the win
Guido van Rossum
guido at python.org
Sat Jan 21 17:45:29 CET 2012
On Sat, Jan 21, 2012 at 7:50 AM, Matthew Woodcraft
<matthew at woodcraft.me.uk> wrote:
> Victor Stinner <victor.stinner at haypocalc.com> wrote:
>> I propose to solve the hash collision vulnerability by counting
>> collisions [...]
>> We now know all issues of the randomized hash solution, and I
>> think that there are more drawbacks than advantages. IMO the
>> randomized hash is overkill to fix the hash collision issue.
> For web frameworks, forcing an exception is less harmful than forcing a
> many-second delay, but I think it's hard to be confident that there
> aren't other vulnerable applications where it's the other way round.
> Web frameworks like the exception because they already have backstop
> exception handlers, and anyway they use short-lived processes and keep
> valuable data in databases rather than process memory.
> Web frameworks don't like the delay because they allow unauthenticated
> users to submit many requests (including multiple requests in parallel),
> and they normally expect each response to take little cpu time.
> But many programs are not like this.
> What about a log analyser or a mailing list archiver or a web crawler or
> a game server or some other kind of program we haven't considered?
If my log crawler ended up taking minutes per log entry instead of
milliseconds I'd have to kill it anyway. Web crawlers are huge
multi-process systems that are as robust as web servers, or more. Game
servers are just web apps.
--Guido van Rossum (python.org/~guido)
More information about the Python-Dev