On Feb 21, 2012, at 09:58 PM, Xavier Morel wrote: >On 2012-02-21, at 21:24 , Brett Cannon wrote: >> On Tue, Feb 21, 2012 at 15:05, Barry Warsaw <ba...@python.org> wrote: >> >>> On Feb 21, 2012, at 02:58 PM, Benjamin Peterson wrote: >>> >>>> 2012/2/21 Antoine Pitrou <solip...@pitrou.net>: >>>>> >>>>> Hello, >>>>> >>>>> Shouldn't it be enabled by default in 3.3? >>> >>> Yes. >>> >>>> Should you be able to disable it? >>> >>> No, but you should be able to provide a seed. >> >> I think that's inviting trouble if you can provide the seed. It leads to a >> false sense of security in that providing some seed secures them instead of >> just making it a tad harder for the attack. > >I might have misunderstood something, but wouldn't providing a seed always >make it *easier* for the attacker, compared to a randomized hash?
I don't think so. You'd have to somehow coerce the sys.hash_seed out of the process. Not impossible perhaps, but unlikely unless the application isn't written well and leaks that information (which is not Python's fault). Plus, with randomization enabled, that won't help you much past the current invocation of Python. -Barry
signature.asc
Description: PGP signature
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
