
Fixed #20080 - Recommended use of PYTHONHASHSEED

Thanks jacob for the suggestion and ryankask
for the patch.
1 parent b664cb8 commit 8aca2504df9d7d3c1244d1632f6cad45afa60115 @timgraham timgraham committed May 23, 2013
Showing with 15 additions and 0 deletions.
  1. +15 −0 docs/howto/deployment/checklist.txt
@@ -212,3 +212,18 @@ Miscellaneous
This setting is required if you're using the :ttag:`ssi` template tag.
+Python Options
+If you're using Python 2.6.8+, it's strongly recommended that you invoke the
+Python process running your Django application using the `-R`_ option or with
+the :envvar:`PYTHONHASHSEED` environment variable set to ``random``.
+These options help protect your site from denial-of-service (DoS)
+attacks triggered by carefully crafted inputs. Such an attack can
+drastically increase CPU usage by causing worst-case performance when
+creating ``dict`` instances. See `oCERT advisory #2011-003
+<>`_ for more information.
+.. _-r:
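Review bot: The version floor "Python 2.6.8+" in the first added sentence is too loose. The ``-R`` option and ``PYTHONHASHSEED`` arrived in maintenance releases (2.6.8, 2.7.3, 3.1.5 and 3.2.3), so 2.7.0 through 2.7.2 satisfy "2.6.8+" yet do not accept the option. Consider naming the minimum release for each series, and noting that Python 3.3 and later enable hash randomization by default, so the recommendation applies to older interpreters.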
