On Fri, 20 Jan 2012 13:50:18 +0100 Victor Stinner <victor.stin...@haypocalc.com> wrote:
> > The main issue with that approach is that it allows a new kind of attack.
> >
> > An attacker now needs to find 1000 colliding keys, and submit them
> > one-by-one into a database. The limit will not trigger, as those are
> > just database insertions.
> >
> > Now, if the application also has a need to read the entire database
> > table into a dictionary, that will suddenly break, and not for the
> > attacker (which would be ok), but for the regular user of the
> > application or the site administrator.
>
> Oh, good catch. But I would not call it a new kind of attack, it is
> just a particular case of the hash collision vulnerability.
>
> Counting collisions doesn't solve this case, but it doesn't make the
> situation worse than before. Raising an exception quickly is better
> than stalling for minutes, even if I agree that it is not the best
> behaviour.

Actually, it *is* worse because stalling for seconds or minutes may not be a problem in some cases (e.g. some batch script that gets run overnight).

Regards

Antoine.

_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
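The failure mode raised in the doubly-quoted message, as an added example that is not from this thread or from CPython: a toy chained hash table with the "count collisions and raise" mitigation, a plain list standing in for the database, and a deliberately weak `toy_hash` so colliding keys are trivial to construct. `COLLISION_LIMIT`, `toy_hash`, `CountingDict` and the helper functions are all constructed for the demonstration.

```python
# Added example (not the thread's or CPython's code): shows why a per-dict
# collision limit punishes the legitimate bulk reader, not the attacker.

COLLISION_LIMIT = 1000  # constructed value, mirrors the "1000" in the thread


def toy_hash(key: str) -> int:
    # Deliberately weak, constructed hash: only the first character counts,
    # so every key sharing a first character lands in the same bucket.
    return ord(key[0]) if key else 0


class CountingDict:
    """Separate-chaining table that raises once a single bucket's chain
    would exceed COLLISION_LIMIT, imitating the proposed mitigation."""

    def __init__(self, nbuckets: int = 256):
        self.buckets = [[] for _ in range(nbuckets)]

    def __setitem__(self, key, value):
        chain = self.buckets[toy_hash(key) % len(self.buckets)]
        for entry in chain:
            if entry[0] == key:  # update in place, no new collision
                entry[1] = value
                return
        if len(chain) >= COLLISION_LIMIT:
            raise RuntimeError("too many hash collisions in one bucket")
        chain.append([key, value])

    def __len__(self):
        return sum(len(chain) for chain in self.buckets)


def insert_one_by_one(db: list, keys) -> int:
    # Each request stores a single row; no dict ever holds more than one
    # of the colliding keys, so the limit never fires on the attacker.
    for key in keys:
        db.append((key, "row"))
    return len(db)


def load_table_into_dict(db: list) -> CountingDict:
    # A legitimate reader later loads the whole table: this is where the
    # limit fires, breaking the user's or administrator's job.
    table = CountingDict()
    for key, value in db:
        table[key] = value
    return table


def demo(n_colliding: int) -> str:
    db = []
    insert_one_by_one(db, (f"a{i}" for i in range(n_colliding)))
    try:
        load_table_into_dict(db)
        return "loaded"
    except RuntimeError:
        return "rejected"
```

Below the limit the bulk load succeeds; past it the reader's process gets the exception while every one of the attacker's single-row inserts was accepted, which is the trade-off the reply above argues about.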