Defensive programming

Neil Schemenauer nas-usenet at
Mon Jun 2 04:57:58 CEST 2003

Paul Rubin <> wrote:
> The paper proposed a good solution, which is use a hash function that
> the attacker doesn't have enough information to manipulate.

Why should everyone have to use a slower or more complicated hash
function?  People who really care can use a custom __hash__ or
use a different container (like a tree).  If you are worried
about DoS attacks then you have a lot more problems than just a
deterministic hash function.


More information about the Python-list mailing list