This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author rhettinger
Recipients FFY00, jefferyto, rhettinger, serhiy.storchaka, vstinner
Date 2021-05-26.03:47:49
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1622000869.4.0.653715192199.issue37596@roundup.psfhosted.org>
In-reply-to
Content 
Is it possible to defer hash randomization until after pycs are generated?  The underlying problem here is an intentional scrambling of data.  If determinism is what is desired then deferring that action addresses the action cause of non-determinism rather than a downstream manifestation.

Scrambling hashes provides a somewhat limited (and bypassable) security value.  What it protects against is maliciously chosen user keys.  That can only occur after modules are loaded.  The risk isn't intrinsic to the module itself.

Really, I don't think we should be rewriting sets to achieve this very limited goal that benefits very few users. That seems like the tail wagging the dog.
History
Date User Action Args
2021-05-26 04:07:14rhettingerunlinkissue37596 messages
2021-05-26 03:47:49rhettingersetrecipients: + rhettinger, vstinner, serhiy.storchaka, FFY00, jefferyto
2021-05-26 03:47:49rhettingersetmessageid: <1622000869.4.0.653715192199.issue37596@roundup.psfhosted.org>
2021-05-26 03:47:49rhettingerlinkissue37596 messages
2021-05-26 03:47:49rhettingercreate