[Python-Dev] Python 3.6 dict becomes compact and gets a private version; and keywords become ordered
Gregory P. Smith
greg at krypto.org
Mon Sep 12 18:59:47 EDT 2016
On Mon, Sep 12, 2016 at 3:57 PM Brett Cannon <brett at python.org> wrote:
> On Mon, 12 Sep 2016 at 15:46 Ethan Furman <ethan at stoneleaf.us> wrote:
>
> On 09/12/2016 09:27 AM, Gregory P. Smith wrote:
>
> > For the regular dict (non kwargs or namespace __dict__) use case I would
> actually like to /see disorder preserved during iteration/.
> >
> > If we don't, we will eventually to find ourselves in a similar state we
> were in pre hash-randomization:
>
> Does anyone have a short explanation of the interaction between hash
> randomization and this new always ordered dict? Why doesn't one make the
> other useless?
>
>
> There is still a hash table that stores a pointer into an array that
> stores the keys/values that are kept in an ordered array. So that
> first-level hash table still uses hash randomization.
>
More specifically: If the goal of hash randomization is to reduce DDOS hash
table stuffing attacks, that is still true. The hashing is randomized.
Dict ordering may actually _help_ DDOS protection. It no longer leaks
information potentially revealing details about the hash seed via the
iteration order.
-gps
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20160912/8daea8d2/attachment.html>
More information about the Python-Dev
mailing list