This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author ncoghlan
Recipients alex, barry, bkabrda, doko, dstufft, janssen, lemburg, ncoghlan, pitrou, r.david.murray, rkuska, vstinner
Date 2015-04-26.02:31:29
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1430015490.34.0.131550888465.issue23857@psf.upfronthosting.co.za>
In-reply-to
Content
Folks being wary of upgrading to new maintenance releases is already the case - RHEL/CentOS selectively backport things, and other orgs like Google do extensive integration testing before deploying new versions. 

Folks that only use and write well behaved and well maintained software can readily upgrade to new point releases, large enough organisations where that assumption isn't necessarily valid end up having to work a bit harder :)

That said, I agree a hash randomisation style approach using environment variables should also work, I just expect it might be a little harder to check in a security auditing script.
History
Date User Action Args
2015-04-26 02:31:30ncoghlansetrecipients: + ncoghlan, lemburg, barry, doko, janssen, pitrou, vstinner, alex, r.david.murray, bkabrda, dstufft, rkuska
2015-04-26 02:31:30ncoghlansetmessageid: <1430015490.34.0.131550888465.issue23857@psf.upfronthosting.co.za>
2015-04-26 02:31:30ncoghlanlinkissue23857 messages
2015-04-26 02:31:29ncoghlancreate