
I'd also agree that the warning should be really prominent (especially since I just saw someone saying "for game states: Just pickle them", which could result in people getting problems when they get a mail saying "hey, look, I got to the 14th level"), but I don't think the warning was irresponsibly small. At least I saw it when I began to learn Python (but I had forgotten it until now).
Maybe it could be replaced by yaml at some point, though, which offers a mode that doesn't execute everything (safe_load): http://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML
"safe_load(stream) parses the given stream and returns a Python object constructed from for the first document in the stream. If there are no documents in the stream, it returns None. safe_load recognizes only standard YAML tags and cannot construct an arbitrary Python object."
And there's also a C implementation: http://pyyaml.org/browser/libyaml/trunk
Which can be relicensed under the Python License: http://pyyaml.org/browser/libyaml/trunk/LICENSE
Or pickle could get a safe_load function itself (if it doesn't yet have it).
Best wishes,
Arne
On Wednesday, 5 March 2008 18:36:56 Guido van Rossum wrote:
I'm assuming that someone confronted you with this security issue somehow? Otherwise I don't understand why you'd be so upset about it.
BTW the warning for marshal is legit -- the C code that unpacks marshal data has not been carefully analyzed against buffer overflows and so on. Remember the first time someone broke into a system through a malicious JPEG? The same could happen with marshal. Seriously.
I agree that the pickle module's warning needs to be moved to a more prominent place (Georg has probably already done this by the time I'm finished typing this message :-). But I see no reason to get so upset about it as to use all caps.
--Guido
On Wed, Mar 5, 2008 at 8:11 AM, Aaron Watters <aaron.watters@gmail.com> wrote:
In response to Oleg and George.
Yes apparently there is an acknowledgement in some subordinate page somewhere that there might be some problem with security and pickle. This should be on the first page in bold face like the unneeded one for marshal. I missed it just now because I just looked at the first page for marshal and pickle, like most people probably would, sorry.
Also this line from the marshal doc has got to go:
"For general persistence and transfer of Python objects through RPC calls, see the modules pickle and shelve. " http://docs.python.org/lib/module-marshal.html
which should read "For RPC calls never use pickle."
And the security warning for marshal beneath it should be removed because it is nonsense.
The implication of the current documentation is that most of my public projects contain serious security holes when they don't. And if you don't read the documentation carefully (like the implementers of Plone apparently didn't) the docs seem to suggest that pickle is somehow "safer" when it is about as unsafe as it could be.
-- Aaron Watters
--
To be unpolitical means to be political without noticing it.
- Arne Babenhauserheide ( http://draketo.de )
-- Weblog: http://blog.draketo.de
-- My public key (PGP/GnuPG): http://draketo.de/inhalt/ich/pubkey.txt
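
The "safe_load for pickle" idea raised in the reply above, sketched as an added example that is not part of the original thread: it overrides `pickle.Unpickler.find_class` so that no global can be resolved, which leaves only plain containers and scalars loadable. The names `NoGlobalsUnpickler`, `safe_loads`, `Marker` and `demo` are hypothetical, and the sample data is constructed.

```python
import io
import operator
import pickle


class NoGlobalsUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global lookup (hypothetical helper)."""

    def find_class(self, module, name):
        # Every class or function a pickle wants to import or call is
        # resolved through this hook, so refusing here blocks them all.
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def safe_loads(data: bytes):
    """Load a pickle made only of dicts, lists, tuples, strings and numbers."""
    return NoGlobalsUnpickler(io.BytesIO(data)).load()


class Marker:
    """Constructed sample: its pickle names a callable to run at load time.

    A harmless arithmetic function stands in for whatever the sender chose.
    """

    def __reduce__(self):
        return (operator.add, (40, 2))


def demo():
    # Constructed game state of the kind mentioned in the thread.
    state = {"level": 14, "lives": 3, "items": ["key", "map"], "pos": (2.5, 7.0)}
    plain = pickle.dumps(state)
    crafted = pickle.dumps(Marker())

    results = {
        # Plain data needs no globals and round-trips unchanged.
        "plain_roundtrip": safe_loads(plain) == state,
        # The stock loader calls the function named in the data and
        # returns its result instead of a Marker object.
        "stock_loads_crafted": pickle.loads(crafted),
    }
    try:
        safe_loads(crafted)
        results["restricted_rejects_crafted"] = False
    except pickle.UnpicklingError:
        results["restricted_rejects_crafted"] = True
    return results


if __name__ == "__main__":
    print(demo())
```
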