
Author dmalcolm
Recipients Arach, Arfrever, Huzaifa.Sidhpurwala, Jim.Jewett, Mark.Shannon, PaulMcMillan, Zhiping.Deng, alex, barry, benjamin.peterson, christian.heimes, dmalcolm, eric.araujo, eric.snow, fx5, georg.brandl, grahamd, gregory.p.smith, gvanrossum, gz, jcea, lemburg, mark.dickinson, neologix, pitrou, skrah, terry.reedy, tim.peters, v+python, vstinner, zbysz
Date 2012-01-22.02:13:45
Message-id <1327198390.4992.284.camel@surprise>
In-reply-to <CAGE7PNJX1GmJpf9A=x-qS+LdBZMbp0=YRfn1KZhtKjNT2W9j8g@mail.gmail.com>
Content
5 more characters:
PYTHONHASHTABLEPROTECTION
or
PYHASHTABLEPROTECTION
maybe?

I'm in *both* camps: I like hash seed randomization fwiw.  I'm nervous
about enabling either of the approaches by default, but I can see myself
backporting both approaches into RHEL's ancient Python versions,
compiled in, disabled by default, but available at runtime via env vars
(assuming that no major flaws are discovered in my patch e.g.
performance).

I'm sorry if I'm muddying the waters by working on this approach.

Is the hash randomization approach ready to go, or is more work needed?
If the latter, is there a clear TODO list?
(for backporting to 2.*, presumably we'd want PyStringObject to be
randomized; I think this means that PyBytesObject needs to be randomized
also in 3.*; don't we need hash(b'foo') == hash('foo') ?).  Does the
patch need to also randomize the hashes of the numeric types? (I think
not; that may break too much 3rd-party code (NumPy?)).

[If we're bikeshedding, I prefer the term "salt" to "seed" in the hash
randomization approach: there's a per-process "hash salt", which is
either randomly generated, or comes from the environment, set to 0 to
disable]
History
Date | User | Action | Args
2012-01-22 02:13:49 | dmalcolm | set | recipients: + dmalcolm, lemburg, gvanrossum, tim.peters, barry, georg.brandl, terry.reedy, gregory.p.smith, jcea, mark.dickinson, pitrou, vstinner, christian.heimes, benjamin.peterson, eric.araujo, grahamd, Arfrever, v+python, alex, zbysz, skrah, gz, neologix, Arach, Mark.Shannon, eric.snow, Zhiping.Deng, Huzaifa.Sidhpurwala, Jim.Jewett, PaulMcMillan, fx5
2012-01-22 02:13:47 | dmalcolm | link | issue13703 messages
2012-01-22 02:13:45 | dmalcolm | create |