Message 151071 - Python tracker (original) (raw)

Mark Dickinson wrote:

Mark Dickinson <dickinsm@gmail.com> added the comment:

[Antoine]

Also, how about false positives? Having legitimate programs break because of legitimate data would be a disaster.

This worries me, too.

[MAL]

Yes, which is why the patch should be disabled by default (using an env var) in dot-releases.

Are you proposing having it enabled by default in Python 3.3?

Possibly, yes. Depends on whether anyone comes up with a problem in the alpha, beta, RC release cycle.

It would be great to have the universal hash method approach for Python 3.3. That way Python could self-heal itself in case it finds too many collisions. My guess is that it's still better to raise an exception, though, since it would uncover either attacks or programming errors.