[Python-Dev] Hash collision security issue (now public)
Christian Heimes
lists at cheimes.de
Sun Jan 1 16:30:26 CET 2012
Am 31.12.2011 23:38, schrieb Terry Reedy:
> On 12/31/2011 4:43 PM, PJ Eby wrote:
>
>> Here's an idea. Suppose we add a sys.hash_seed or some such, that's
>> settable to an int, and defaults to whatever we're using now. Then
>> programs that want a fix can just set it to a random number,
>
> I do not think we can allow that to change once there are hashed
> dictionaries existing.
Me, too. Armin suggested to use an env var as random.
More information about the Python-Dev
mailing list