On Fri, Jan 20, 2012 at 7:34 PM, "Martin v. Löwis" <mar...@v.loewis.de> wrote: > The main issue with that approach is that it allows a new kind of attack. > > An attacker now needs to find 1000 colliding keys, and submit them > one-by-one into a database. The limit will not trigger, as those are > just database insertions. > > Now, if the applications also as a need to read the entire database > table into a dictionary, that will suddenly break, and not for the > attacker (which would be ok), but for the regular user of the > application or the site administrator. > > So it may be that this approach actually simplifies the attack, making > the cure worse than the disease.
Ouch, I think you're right. So hash randomisation may be the best option, and admins will need to test for themselves to see if it breaks things... Regards, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
