[Python-Dev] XML DoS vulnerabilities and exploits in Python
Antoine Pitrou
solipsis at pitrou.net
Thu Feb 21 07:56:11 CET 2013
More information about the Python-Dev mailing list
Thu Feb 21 07:56:11 CET 2013
- Previous message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Next message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 21 Feb 2013 10:38:07 +1000 Nick Coghlan <ncoghlan at gmail.com> wrote: > On Thu, Feb 21, 2013 at 9:49 AM, Tres Seaver <tseaver at palladion.com> wrote: > > Two words: "hash randomization". If it applies to one, it applies to > > the other. > > Agreed. Christian's suggested approach sounds sane to me: > > - make it possible to enable safer behaviour globally in at least 2.7 > and 3.3 (and perhaps in 2.6 and 3.2 security releases as well) > - make the safer behaviour the default in 3.4 > - make it possible to selectively disable the safeguards in all versions +1 from me. Regards Antoine.
- Previous message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Next message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list