[Python-Dev] Make str/bytes hash algorithm pluggable?
Gregory P. Smith
greg at krypto.org
Fri Oct 4 05:34:20 CEST 2013
On Thu, Oct 3, 2013 at 12:05 PM, Guido van Rossum <guido at python.org> wrote:
> We already have adopted a feature that plugged most viable attacks on web
> apps, I think that's enough.
>
Actually... we did not do a very good job on that:
http://bugs.python.org/issue14621
The point of allowing alternates is to let people with needs choose
something else if they want without having to jump through hoops of
modifying the guts of Python to do it. I don't expect python as shipped by
most OS distros to use anything other than our default.
-gps
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20131003/392c3ad7/attachment.html>
More information about the Python-Dev
mailing list