On 2/9/2012 9:30 PM, Nathan Rice wrote:
That day may be sooner than you think. It is very likely that in Python
3.3, dict order will be randomized on creation as a side-effect of adding
a random salt to hashes to prevent a serious vulnerability in dicts.
http://securitytracker.com/id/1026478
http://bugs.python.org/issue13703
If there is anyone still assuming that dicts have a predictable order,
they're going to be in for a nasty surprise one of these days.
The only thing needed to avoid the hash collision is that your hash
function is not not 100% predictable just by looking at the python
source code. I don't see why every dict would have to be created
differently. I would think having the most ubiquitous data structure
in your language be more predictable would be a priority. Oh well....
I believe 'on creation' means 'on process startup', not on dict
creation. There have, however, been several variants suggested, and the
focus has been on choosing one first for past and current versions. 3.3
is about 6 months off and hash for it may still be debated.
--
Terry Jan Reedy
--
http://mail.python.org/mailman/listinfo/python-list
