[Python-Dev] Status of the fix for the hash collision vulnerability (original) (raw)
Victor Stinner victor.stinner at haypocalc.com
Wed Jan 18 10:54:26 CET 2012
- Previous message: [Python-Dev] Status of the fix for the hash collision vulnerability
- Next message: [Python-Dev] PEP 380 ("yield from") is now Final
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
2012/1/18 "Martin v. Löwis" <martin at v.loewis.de>:
For 3.3 onwards, I'm skeptical whether all this configuration support is really necessary. I think a much smaller patch which leaves no choice would be more appropriate.
The configuration helps unit testing: see changes on Lib/test/*.py in my last patch. I hesitate to say that the configuration is required for tests. Anyway, users upgrading from Python 3.2 to 3.3 may need to keep the same hash function and don't care of security (e.g. programs running locally with trusted data).
Victor
- Previous message: [Python-Dev] Status of the fix for the hash collision vulnerability
- Next message: [Python-Dev] PEP 380 ("yield from") is now Final
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]