Movatterモバイル変換

[Python-Dev] hash randomization in 3.3

• Previous message:[Python-Dev] hash randomization in 3.3
• Next message:[Python-Dev] hash randomization in 3.3
• Messages sorted by:[ date ][ thread ][ subject ][ author ]

On 2012-02-21, at 21:24 , Brett Cannon wrote:> On Tue, Feb 21, 2012 at 15:05, Barry Warsaw <barry at python.org> wrote:>>> On Feb 21, 2012, at 02:58 PM, Benjamin Peterson wrote:>>>>> 2012/2/21 Antoine Pitrou <solipsis at pitrou.net>:>>>>>>>> Hello,>>>>>>>> Shouldn't it be enabled by default in 3.3?>>>> Yes.>>>>> Should you be able to disable it?>>>> No, but you should be able to provide a seed.>> I think that's inviting trouble if you can provide the seed. It leads to a> false sense of security in that providing some seed secures them instead of> just making it a tad harder for the attack.I might have misunderstood something, but wouldn't providing a seed always make it *easier* for the attacker, compared to a randomized hash?

• Previous message:[Python-Dev] hash randomization in 3.3
• Next message:[Python-Dev] hash randomization in 3.3
• Messages sorted by:[ date ][ thread ][ subject ][ author ]