Benjamin Peterson wrote:
> Hash randomization causes the iteration order of dicts and sets to be
> unpredictable and differ across Python runs. Python has never guaranteed
> iteration order of keys in a dict or set, and applications are advised to never
> rely on it. Historically, dict iteration order has not changed very often across
> releases and has always remained consistent between successive executions of
> Python. Thus, some existing applications may be relying on dict or set ordering.
> Because of this and the fact that many Python applications which don't accept
> untrusted input are not vulnerable to this attack, in all stable Python releases
> mentioned here, HASH RANDOMIZATION IS DISABLED BY DEFAULT. There are two ways to
> enable it. The -R commandline option can be passed to the python executable. It
> can also be enabled by setting an environmental variable PYTHONHASHSEED to
> "random". (Other values are accepted, too; pass -h to python for complete
> description.)

I wonder how I could enforce hash randomization from within a Python app
without too much hassle. I'd like to avoid having to rely on sys-admins
doing the right thing when installing my web2ldap.

I guess os.environ['PYTHONHASHSEED'] = 'random' before forking a process
would be a solution. But is there another way?

Ciao, Michael.
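
The approach raised in the message above (set PYTHONHASHSEED before a new interpreter starts), written out as an added example that is not part of the original thread or of web2ldap. The function names are hypothetical, and it assumes the interpreter exposes `sys.flags.hash_randomization`:

```python
import os
import subprocess
import sys


def randomization_enabled(flags=sys.flags):
    """True if this interpreter randomizes str/bytes hashes."""
    # sys.flags.hash_randomization is absent on releases that predate the fix.
    return bool(getattr(flags, "hash_randomization", 0))


def hardened_env(environ):
    """Copy of environ that asks the next interpreter for a random hash seed."""
    env = dict(environ)
    env["PYTHONHASHSEED"] = "random"
    return env


def ensure_hash_randomization(environ=os.environ, argv=None):
    """Re-exec the interpreter once with PYTHONHASHSEED=random if needed.

    Call this first thing in the entry script, before any dict or set is
    built from untrusted input. Returns normally when already randomized.
    """
    if randomization_enabled():
        return
    if environ.get("PYTHONHASHSEED") == "random":
        # Already requested but ignored (e.g. python -E, or a release without
        # the feature): fail closed rather than loop on exec forever.
        raise RuntimeError("hash randomization unavailable in this interpreter")
    argv = [sys.executable] + list(sys.argv if argv is None else argv)
    os.execve(sys.executable, argv, hardened_env(environ))


def child_flag(seed):
    """Start a child interpreter with PYTHONHASHSEED=seed; return its flag."""
    env = dict(os.environ, PYTHONHASHSEED=seed)
    out = subprocess.check_output(
        [sys.executable, "-c", "import sys; print(sys.flags.hash_randomization)"],
        env=env)
    return int(out.decode().strip())


if __name__ == "__main__":
    ensure_hash_randomization()
    print("hash randomization active:", randomization_enabled())
```

`sys.argv` does not preserve interpreter options such as `-m`, so an application started that way has to pass its own `argv` to `ensure_hash_randomization`.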