[Python-Dev] Suggestion: stopping to trust os mtimes
Peter Funk
pf@artcom-gmbh.de
Fri, 2 Jun 2000 21:21:30 +0200 (MEST)
hi,
Moshe Zadka wrote:
> Trusting OS-based mtimes for .pyc caching has some inherent problems.
> (Clock syncing and similar) Frankly, though I've never been bitten by
> this, it does give me an uncomfortable feeling. What if, instead, we'd use
> md5- or sha-based approach? I'm willing to bet that the 2^128 chance of
> problems is miniscule compared to the real problems clock syncing has
> already caused. (I think I remember some problem with .pyc's on IIS, but
> I may just be hallucinating)
The timestamp is returned by simply 'stat'ing the .py file. If you
want more, you actually would have to open the .py files all the time.
This would be trading a big performance penalty for a security, that
will almost always not needed. In Unix many sub systems (for example
'make' depend on a monotone system clock. A random jumping clock
would break many of them anyway.
Regards, Peter
--
Peter Funk, Oldenburger Str.86, D-27777 Ganderkesee, Germany, Fax:+49 4222950260
office: +49 421 20419-0 (ArtCom GmbH, Grazer Str.8, D-28359 Bremen)