Thanks for the clarification. I'm glad we can keep hash randomization disabled during our builds. On Fri, May 12, 2017 at 5:22 PM, Guido van Rossum <guido at python.org> wrote: > Don't worry, the PYTHONHASHSEED setting does not get recorded in the > bytecode header and the generated bytecode (even if it sometimes differs in > trivial ways) is usable with all hash seed settings. > > --Guido > > On Fri, May 12, 2017 at 6:06 AM, Freddy Rietdijk <freddyrietdijk at fridh.nl> > wrote: > >> Hi, >> >> On Nix we set PYTHONHASHSEED to 0 when building packages, disabling hash >> randomization. We do this to improve determinism of the builds because we >> store the bytecode next to the code. >> >> When one runs Python directly or via a script PYTHONHASHSEED is not set >> thus enabling hash randomization. Am I correct when I say that in this case >> Python still uses the reproducibly build bytecode and, because its now >> running with a random seed we wouldn't be vulnerable to >> http://www.ocert.org/advisories/ocert-2011-003.html ? Or would it also >> try to each time also recompile bytecode? >> >> Kind regards, >> >> Freddy >> >> >> >> _______________________________________________ >> Python-Dev mailing list >> Python-Dev at python.org >> https://mail.python.org/mailman/listinfo/python-dev >> Unsubscribe: https://mail.python.org/mailman/options/python-dev/guido% >> 40python.org >> >> > > > -- > --Guido van Rossum (python.org/~guido) > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20170515/df24b16d/attachment.html>
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4