hash romdomization is introduced at r17465 by akr. akr explained it is for algorithmic complexity attack in [ruby-dev:37778]. http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003/ 2013/3/21 "Martin J. D=FCrst" <duerst / it.aoyama.ac.jp> > Hello Shota, > > > On 2013/03/21 9:50, Shota Fukumori (sora_h) wrote: > >> On Thu, Mar 21, 2013 at 9:03 AM, Charles Oliver Nutter >> <headius / headius.com> wrote: >> >>> My question for ruby-core: at what point did you decide to make hash >>> for e.g. nil not be a single value (it was "4" in 1.8.7 and >>> different/random in 1.9.3+), and why did you do it? >>> >> >> Wait, `nil.id` returns NoMethodError, `nil.__id__` returns '4' (1.9.3) >> or '8' (2.0.0+), >> not a random value. >> > > The question is about nil.hash, not about nil.__id__. > > Regards, Martin. > > --=20 NARUSE, Yui <naruse / airemix.jp>