frozendict
Terry Reedy
tjreedy at udel.edu
Thu Feb 9 22:33:16 EST 2012
On 2/9/2012 9:30 PM, Nathan Rice wrote:
>> That day may be sooner than you think. It is very likely that in Python
>> 3.3, dict order will be randomized on creation as a side-effect of adding
>> a random salt to hashes to prevent a serious vulnerability in dicts.
>>
>> http://securitytracker.com/id/1026478
>>
>> http://bugs.python.org/issue13703
>>
>>
>> If there is anyone still assuming that dicts have a predictable order,
>> they're going to be in for a nasty surprise one of these days.
>
> The only thing needed to avoid the hash collision is that your hash
> function is not not 100% predictable just by looking at the python
> source code. I don't see why every dict would have to be created
> differently. I would think having the most ubiquitous data structure
> in your language be more predictable would be a priority. Oh well....
I believe 'on creation' means 'on process startup', not on dict
creation. There have, however, been several variants suggested, and the
focus has been on choosing one first for past and current versions. 3.3
is about 6 months off and hash for it may still be debated.
--
Terry Jan Reedy
More information about the Python-list
mailing list