Defensive programming

Terry Reedy tjreedy at
Mon Jun 2 09:26:02 CEST 2003

"Lulu of the Lotus-Eaters" <mertz at> wrote
> Well... for Python, I'd rather have a hash with excellent typical
> performance than a typically slower one with more collision

"Neil Schemenauer" <nas-usenet at> wrote in message
news:W2zCa.25460$da1.5950 at
> Why should everyone have to use a slower or more complicated hash
> function?

On the pydev list, Guido guessed that '99.99%' of Python programs are
probably not subject tosuch attacks and stated that since CPython uses
hashes so much in its core operations, he would not slow down the many
for the benefit of the few, who are free ...

> People who really care can use a custom __hash__ or
> use a different container (like a tree).

to do exactly this.

 >If you are worried
> about DoS attacks then you have a lot more problems than just a
> deterministic hash function.

This has been Tim's point.

Terry J. Reedy

More information about the Python-list mailing list