Defensive programming

Neil Schemenauer nas-usenet at arctrix.com
Sun Jun 1 22:57:58 EDT 2003


Paul Rubin <> wrote:
> The paper proposed a good solution, which is use a hash function that
> the attacker doesn't have enough information to manipulate.

Why should everyone have to use a slower or more complicated hash
function?  People who really care can use a custom __hash__ or
use a different container (like a tree).  If you are worried
about DoS attacks then you have a lot more problems than just a
deterministic hash function.

  Neil




More information about the Python-list mailing list