Defensive programming

Jack Diederich jack at performancedrivers.com
Sun Jun 1 12:20:19 CEST 2003


On Sun, Jun 01, 2003 at 10:53:10AM +0100, Robin Becker wrote:
> This recently slashdotted paper
> 
> http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003/index.html
> 
> suggests that many common algorithms (including perl hashing) are open to low input
> DoS attack.
> 
> I know that the Timbot and other python 'bots are pretty smart, but are there python
> algorithms that suffer the same vulnerabilities?
> 

The author brought this up on python-dev and the 'bots did indeed
disect the arguments.  The verdict was that it is interesting but not a
problem (or at least a solvable problem) in practice.  Specific problems are 
best solved at specific layers, and DoS attacks that eat CPU are best solved
at the operating system level.






More information about the Python-list mailing list