Warn more about disclosing the hash seed, from Scott A. Crosby.

p4raw-id: //depot/perl@21139
author: Jarkko Hietaniemi <jhi@iki.fi> 2003-09-09 11:55:33 +0000
committer: Jarkko Hietaniemi <jhi@iki.fi> 2003-09-09 11:55:33 +0000
commit: 26a2d34763c26e0d624a4f2227cb0f7da1812632 (patch)
tree: a330ff4b86dd9f6e2bd5889cc1785bbcb0c90980 /lib/Hash
parent: a179871ba0a4416951234c6b0cf01884909b8e1f (diff)
download: perl-26a2d34763c26e0d624a4f2227cb0f7da1812632.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/Hash/Util.pm b/lib/Hash/Util.pm
index 8e8c95265c..c5d30592ff 100644
--- a/lib/Hash/Util.pm
+++ b/lib/Hash/Util.pm
@@ -187,6 +187,12 @@ hash_seed() returns the seed number used to randomise hash ordering.
 Zero means the "traditional" random hash ordering, non-zero means the
 new even more random hash ordering introduced in Perl 5.8.1.
 
+B<Note that the hash seed is sensitive information>: by knowing it one
+can craft a denial-of-service attack against Perl code, even remotely,
+see L<perlsec/"Algorithmic Complexity Attacks"> for more information.
+B<Do not disclose the hash seed> to people who don't need to know it.
+See also L<perlrun/PERL_HASH_SEED_DEBUG>.
+
 =cut
 
 sub hash_seed () {
author	Jarkko Hietaniemi <jhi@iki.fi>	2003-09-09 11:55:33 +0000
committer	Jarkko Hietaniemi <jhi@iki.fi>	2003-09-09 11:55:33 +0000
commit	26a2d34763c26e0d624a4f2227cb0f7da1812632 (patch)
tree	a330ff4b86dd9f6e2bd5889cc1785bbcb0c90980 /lib/Hash
parent	a179871ba0a4416951234c6b0cf01884909b8e1f (diff)
download	perl-26a2d34763c26e0d624a4f2227cb0f7da1812632.tar.gz