Defensive programming
Jack Diederich
jack at performancedrivers.com
Sun Jun 1 06:20:19 EDT 2003
On Sun, Jun 01, 2003 at 10:53:10AM +0100, Robin Becker wrote:
> This recently slashdotted paper
>
> http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003/index.html
>
> suggests that many common algorithms (including perl hashing) are open to low input
> DoS attack.
>
> I know that the Timbot and other python 'bots are pretty smart, but are there python
> algorithms that suffer the same vulnerabilities?
>
The author brought this up on python-dev and the 'bots did indeed
disect the arguments. The verdict was that it is interesting but not a
problem (or at least a solvable problem) in practice. Specific problems are
best solved at specific layers, and DoS attacks that eat CPU are best solved
at the operating system level.
More information about the Python-list
mailing list