author | Tim Graham <timograham@gmail.com> | 2013-05-22 21:12:55 -0400 |
---|---|---|
committer | Tim Graham <timograham@gmail.com> | 2013-05-23 08:16:03 -0400 |
commit | 8aca2504df9d7d3c1244d1632f6cad45afa60115 (patch) | |
tree | adbc1731a169e3d6e786e84520af96ad43fad115 /docs/howto | |
parent | b664cb818d2e5896df2763299ea2c61a9af069a8 (diff) | |
download | django-8aca2504df9d7d3c1244d1632f6cad45afa60115.tar.gz |
Fixed #20080 - Recommended use of PYTHONHASHSEED
Thanks jacob for the suggestion and ryankask
for the patch.
Diffstat (limited to 'docs/howto')
-rw-r--r-- | docs/howto/deployment/checklist.txt | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/docs/howto/deployment/checklist.txt b/docs/howto/deployment/checklist.txt index b72be75497..4498c78e3f 100644 --- a/docs/howto/deployment/checklist.txt +++ b/docs/howto/deployment/checklist.txt @@ -212,3 +212,18 @@ Miscellaneous -------------------------------- This setting is required if you're using the :ttag:`ssi` template tag. + +Python Options +============== + +If you're using Python 2.6.8+, it's strongly recommended that you invoke the +Python process running your Django application using the `-R`_ option or with +the :envvar:`PYTHONHASHSEED` environment variable set to ``random``. + +These options help protect your site from denial-of-service (DoS) +attacks triggered by carefully crafted inputs. Such an attack can +drastically increase CPU usage by causing worst-case performance when +creating ``dict`` instances. See `oCERT advisory #2011-003 +<http://www.ocert.org/advisories/ocert-2011-003.html>`_ for more information. + +.. _-r: http://docs.python.org/2.7/using/cmdline.html#cmdoption-R |
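Review bot: The version condition in the first added paragraph ("If you're using Python 2.6.8+") is too broad. The `-R` option and `PYTHONHASHSEED` arrived in the 2.6.8, 2.7.3, 3.1.5 and 3.2.3 maintenance releases, so Python 2.7.0 through 2.7.2 satisfy "2.6.8+" but support neither. Suggest naming the minimum release for each branch, and noting that hash randomization is on by default from Python 3.3, so the step only matters on older interpreters. The same paragraph would be more actionable for a deployment checklist if it said that the variable must be set in the environment of the server process that launches Python, not just in an administrator's shell. Minor style point: the link target is written `.. _-r:` while the reference is `-R`_; reference names are matched case-insensitively so it resolves, but using the same case in both places makes the pair easier to find.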