On Mon, Sep 12, 2016 at 3:57 PM Brett Cannon <br...@python.org> wrote:
> On Mon, 12 Sep 2016 at 15:46 Ethan Furman <et...@stoneleaf.us> wrote: > > On 09/12/2016 09:27 AM, Gregory P. Smith wrote: > > > For the regular dict (non kwargs or namespace __dict__) use case I would > actually like to /see disorder preserved during iteration/. > > > > If we don't, we will eventually to find ourselves in a similar state we > were in pre hash-randomization: > > Does anyone have a short explanation of the interaction between hash > randomization and this new always ordered dict? Why doesn't one make the > other useless? > > > There is still a hash table that stores a pointer into an array that > stores the keys/values that are kept in an ordered array. So that > first-level hash table still uses hash randomization. > More specifically: If the goal of hash randomization is to reduce DDOS hash table stuffing attacks, that is still true. The hashing is randomized. Dict ordering may actually _help_ DDOS protection. It no longer leaks information potentially revealing details about the hash seed via the iteration order. -gps
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
