July 22, 2015
1:03 a.m.
I've heard it said that pickle is a security hole, and so it's better to write your own serialization routine. That's unfortunate because pickle has so many advantages such as automatically tying into copy/deepcopy. Would it be possible to make unpickle secure, e.g., by having the caller create a context in which all calls to unpickle are limited to unpickling a specific set of types? (When these types unpickle their sub-objects, they could potentially limit the set of types further.)