On Fri, Jan 20, 2012 at 7:34 PM, "Martin v. Löwis" <[email protected]> wrote: > The main issue with that approach is that it allows a new kind of attack. > > An attacker now needs to find 1000 colliding keys, and submit them > one-by-one into a database. The limit will not trigger, as those are > just database insertions. > > Now, if the applications also as a need to read the entire database > table into a dictionary, that will suddenly break, and not for the > attacker (which would be ok), but for the regular user of the > application or the site administrator. > > So it may be that this approach actually simplifies the attack, making > the cure worse than the disease.
Ouch, I think you're right. So hash randomisation may be the best option, and admins will need to test for themselves to see if it breaks things... Regards, Nick. -- Nick Coghlan | [email protected] | Brisbane, Australia _______________________________________________ Python-Dev mailing list [email protected] http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
