summaryrefslogtreecommitdiffstats
path: root/Doc/using
diff options
context:
space:
mode:
authorGeorg Brandl <georg@python.org>2012-02-20 20:31:46 (GMT)
committerGeorg Brandl <georg@python.org>2012-02-20 20:31:46 (GMT)
commit09a7c72cad48f568e0781541167cf9ea6a3f0760 (patch)
treed925894bfc3662e33c03ff7b6b2c5e9e38749b73 /Doc/using
parentfee358b0df547e9451cfb0b3d25980e6cc7177cc (diff)
parent2daf6ae2495c862adf8bc717bfe9964081ea0b10 (diff)
downloadcpython-09a7c72cad48f568e0781541167cf9ea6a3f0760.zip
cpython-09a7c72cad48f568e0781541167cf9ea6a3f0760.tar.gz
cpython-09a7c72cad48f568e0781541167cf9ea6a3f0760.tar.bz2
Merge from 3.1: Issue #13703: add a way to randomize the hash values of basic types (str, bytes, datetime)
in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated. The environment variable PYTHONHASHSEED and the new command line flag -R control this behavior.
Diffstat (limited to 'Doc/using')
-rw-r--r--Doc/using/cmdline.rst47
1 files changed, 46 insertions, 1 deletions
diff --git a/Doc/using/cmdline.rst b/Doc/using/cmdline.rst
index c386fb4..d0b330d 100644
--- a/Doc/using/cmdline.rst
+++ b/Doc/using/cmdline.rst
@@ -24,7 +24,7 @@ Command line
When invoking Python, you may specify any of these options::
- python [-bBdEhiOsSuvVWx?] [-c command | -m module-name | script | - ] [args]
+ python [-bBdEhiORqsSuvVWx?] [-c command | -m module-name | script | - ] [args]
The most common use case is, of course, a simple invocation of a script::
@@ -227,6 +227,29 @@ Miscellaneous options
.. versionadded:: 3.2
+.. cmdoption:: -R
+
+ Turn on hash randomization, so that the :meth:`__hash__` values of str, bytes
+ and datetime objects are "salted" with an unpredictable random value.
+ Although they remain constant within an individual Python process, they are
+ not predictable between repeated invocations of Python.
+
+ This is intended to provide protection against a denial-of-service caused by
+ carefully-chosen inputs that exploit the worst case performance of a dict
+ insertion, O(n^2) complexity. See
+ http://www.ocert.org/advisories/ocert-2011-003.html for details.
+
+ Changing hash values affects the order in which keys are retrieved from a
+ dict. Although Python has never made guarantees about this ordering (and it
+ typically varies between 32-bit and 64-bit builds), enough real-world code
+ implicitly relies on this non-guaranteed behavior that the randomization is
+ disabled by default.
+
+ See also :envvar:`PYTHONHASHSEED`.
+
+ .. versionadded:: 3.2.3
+
+
.. cmdoption:: -s
Don't add the :data:`user site-packages directory <site.USER_SITE>` to
@@ -350,6 +373,7 @@ Options you shouldn't use
.. _Jython: http://jython.org
+
.. _using-on-envvars:
Environment variables
@@ -458,6 +482,27 @@ These environment variables influence Python's behavior.
option.
+.. envvar:: PYTHONHASHSEED
+
+ If this variable is set to ``random``, the effect is the same as specifying
+ the :option:`-R` option: a random value is used to seed the hashes of str,
+ bytes and datetime objects.
+
+ If :envvar:`PYTHONHASHSEED` is set to an integer value, it is used as a fixed
+ seed for generating the hash() of the types covered by the hash
+ randomization.
+
+ Its purpose is to allow repeatable hashing, such as for selftests for the
+ interpreter itself, or to allow a cluster of python processes to share hash
+ values.
+
+ The integer must be a decimal number in the range [0,4294967295]. Specifying
+ the value 0 will lead to the same hash values as when hash randomization is
+ disabled.
+
+ .. versionadded:: 3.2.3
+
+
.. envvar:: PYTHONIOENCODING
If this is set before running the interpreter, it overrides the encoding used