Browse files

Fixed #20080 - Recommended use of PYTHONHASHSEED

Thanks jacob for the suggestion and ryankask
for the patch.
  • Loading branch information...
timgraham committed May 23, 2013
1 parent b664cb8 commit 8aca2504df9d7d3c1244d1632f6cad45afa60115
Showing with 15 additions and 0 deletions.
  1. +15 −0 docs/howto/deployment/checklist.txt
@@ -212,3 +212,18 @@ Miscellaneous
This setting is required if you're using the :ttag:`ssi` template tag.
Python Options
If you're using Python 2.6.8+, it's strongly recommended that you invoke the
Python process running your Django application using the `-R`_ option or with
the :envvar:`PYTHONHASHSEED` environment variable set to ``random``.
These options help protect your site from denial-of-service (DoS)
attacks triggered by carefully crafted inputs. Such an attack can
drastically increase CPU usage by causing worst-case performance when
creating ``dict`` instances. See `oCERT advisory #2011-003
<>`_ for more information.
.. _-r:

0 comments on commit 8aca250

Please sign in to comment.