[Python-Dev] Hash collision security issue (now public)
Steven D'Aprano
steve at pearwood.info
Fri Jan 6 04:08:10 CET 2012
Benjamin Peterson wrote:
> 2012/1/5 Steven D'Aprano <steve at pearwood.info>:
[...]
>> There's nothing obscure about directly testing the hash. That's about as far
>> from obscure as it is possible to get: you are directly testing the presence
>> of a feature by testing the feature.
>
> It's obscure because hash('') != 0 doesn't necessarily mean the hashes
> are randomized. A different hashing algorithm could be in effect.
Fair point, but I didn't actually suggest testing hash('') != 0, that was
Nick's suggestion, which he's since withdrawn.
--
Steven
More information about the Python-Dev
mailing list