Defensive programming

Terry Reedy tjreedy at udel.edu
Mon Jun 2 09:26:02 CEST 2003


"Lulu of the Lotus-Eaters" <mertz at gnosis.cx> wrote
> Well... for Python, I'd rather have a hash with excellent typical
case
> performance than a typically slower one with more collision
resistance.

"Neil Schemenauer" <nas-usenet at arctrix.com> wrote in message
news:W2zCa.25460$da1.5950 at nwrddc03.gnilink.net...
> Why should everyone have to use a slower or more complicated hash
> function?

On the pydev list, Guido guessed that '99.99%' of Python programs are
probably not subject tosuch attacks and stated that since CPython uses
hashes so much in its core operations, he would not slow down the many
for the benefit of the few, who are free ...

> People who really care can use a custom __hash__ or
> use a different container (like a tree).

to do exactly this.

 >If you are worried
> about DoS attacks then you have a lot more problems than just a
> deterministic hash function.

This has been Tim's point.

Terry J. Reedy







More information about the Python-list mailing list