Nick Coghlan <ncogh...@gmail.com> added the comment:

Back on the original hash seed topic:

1. The exact size of the seed ranges from 128 bits (SipHash) to 32 bits 
depending on exactly which hash algorithm you're talking about 
(https://www.python.org/dev/peps/pep-0456/#hash-secret).

2. While PEP 456 doesn't state it explicitly, my recollection is that omitting 
the exact hash seed value from the Python level API was a deliberate decision, 
since one of the *purposes* of PEP 456 was to protect against seed recovery 
attacks like https://131002.net/siphash/poc.py. Being able to read the seed 
directly from the sys modules would rather simplify the task of seed recovery :)

Only exposing a `forced_hash_seed` (and hiding randomly generated ones as 
`forced_hash_seed=None`) seems reasonable though, since those can already be 
read from os.environ anyway.

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue33919>
_______________________________________
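
The split proposed in the comment above, as an added example that is not part of the original tracker message or of CPython: a seed forced through `PYTHONHASHSEED` is reported, while an interpreter-generated one is reported only as `None`. The names `forced_hash_seed()` and `child_report()` are hypothetical, and treating an empty variable as unset is an assumption.

```python
import os
import subprocess
import sys

MAX_SEED = 4294967295  # documented upper bound for PYTHONHASHSEED


def forced_hash_seed(environ=os.environ):
    """Hypothetical helper: the seed forced via PYTHONHASHSEED, else None.

    None covers both "unset" and "random": the interpreter then picks its
    own secret, which this helper never sees and never tries to recover.
    """
    raw = environ.get("PYTHONHASHSEED", "")
    if raw in ("", "random"):  # assumption: empty is treated like unset
        return None
    if not (raw.isascii() and raw.isdigit()) or int(raw) > MAX_SEED:
        raise ValueError("PYTHONHASHSEED must be 'random' or 0..4294967295")
    return int(raw)


def child_report(seed=None):
    """Start a fresh interpreter; return (helper view, hash('abc'), flag)."""
    env = {k: v for k, v in os.environ.items() if k != "PYTHONHASHSEED"}
    if seed is not None:
        env["PYTHONHASHSEED"] = str(seed)
    code = "import sys; print(hash('abc'), sys.flags.hash_randomization)"
    out = subprocess.run(
        [sys.executable, "-c", code],
        env=env, capture_output=True, text=True, check=True,
    ).stdout.split()
    return forced_hash_seed(env), int(out[0]), int(out[1])


if __name__ == "__main__":
    # Forced seed: visible in the environment, str hashes repeat across runs.
    print(child_report(1234), child_report(1234))
    # Seed 0 disables randomization; the flag reads 0.
    print(child_report(0))
    # No variable: the helper reports None and the hash changes between runs.
    print(child_report(), child_report())
```
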