The bottom line is that pickle should never be used in a security sensitive context.  Several years ago I spent about 5 minutes writing a custom pickle fuzzer.  It ran for about 60 seconds before segfaulting.  Fortunately, the last time I ran my fuzzer (about a year ago), all I could produce was a MemoryError traceback.

Even with all the improvements pickle has seen, I think it would be unwise to imply (via pickle module names or flags) that pickle is "safe".

--Edwin

On 7/11/2020 1:31 PM, Wes Turner wrote:
Would this accomplish something like:

pickle.load(safe=True)  # or
pickle.safe_loads()

Is there already a way to load data and not code *with pickle*?
https://docs.python.org/3/library/pickle.html

On Sat, Jul 11, 2020, 11:01 AM Random832 <random832@fastmail.com> wrote:
The current practice, by overriding find_class, is limited to overriding what globals get loaded. This makes it impossible to distinguish globals that will be used as data from globals that will be called as constructors, along with similar concerns with object attributes [especially methods] obtained by loading builtins.getattr as global.

I would suggest also exposing for overrides the points where a callable loaded from the pickle is called - on the pure-python _Unpickler these are _instantiate, load_newobj, load_newobj_ex, and load_reduce, though it might be worthwhile to make a single method that can be overridden and use it at the points where each of these call a loaded object.
_______________________________________________
Python-ideas mailing list -- python-ideas@python.org
To unsubscribe send an email to python-ideas-leave@python.org
https://mail.python.org/mailman3/lists/python-ideas.python.org/
Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/BB2TLAF6YSE5PEDQCPLWATDTUYPNXA4D/
Code of Conduct: http://python.org/psf/codeofconduct/

_______________________________________________
Python-ideas mailing list -- python-ideas@python.org
To unsubscribe send an email to python-ideas-leave@python.org
https://mail.python.org/mailman3/lists/python-ideas.python.org/
Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/NRLT3IPO7X7BCE5NS7TUUEIHGUWMYGKC/
Code of Conduct: http://python.org/psf/codeofconduct/