On 7/11/2020 11:17 PM, Greg Ewing wrote:
On
12/07/20 1:01 pm, Edwin Zimmerman wrote:
As I see it, the unsafe callables (eval,
exec, os.system, etc) are generally functions, and safe
ones(int, list, dict) are generally classes, though there
certainly would be exceptions.
Where security is concerned, "there certainly would be exceptions"
are not words you want to hear.
Agreed, that is why pickle should almost never be used. In the
past, I have looked long and hard at using pickle in my own
projects, but was always turned away because of its potential for
security issues. I've thought for years that pickle is a major
security foot gun, and I think that not allowing this by default:
>>> pickle.loads(b"cos\nsystem\n(S'echo
hello world'\ntR.")
would be a step in the right direction.
--Edwin