Re: [Python-ideas] [Private Note] An idea for a new pickling tool
On Wed, Apr 22, 2009 at 5:37 PM, Raymond Hettinger <python@rcn.com> wrote:
>>> * it is a major security risk for untrusted inputs
>>
>> There are ways to fix this without replacing pickle. See the recipe in the pickle documentation:
>> http://docs.python.org/3.0/library/pickle.html#restricting-globals
>
> If you think untrusted pickles can easily be made secure, then you've missed the last ten years of discussions on the subject. There's a reason we put the big red warnings in the docs.

Could you elaborate on this, or point me to the specific discussions? And how do you plan to make your alternative secure?

>> But how are you going to handle serialization of class instances in a language-independent manner?
>
> The same way RPC works: you need to have similar structures on each end. Take a look at JSON-RPC to get an idea of how this works.

That makes sense, thanks.

> Overall, I don't see what you're getting at. I'm not looking to eliminate the current pickles.

Ah, then I have nothing against your proposal. It is the way you presented your idea against pickle that confused me; I actually thought you wanted to replace pickle. In that case, you probably want to take a look at the twisted.jelly module and pysyck. They each share some of the goals you are aiming for.

Cheers,
-- Alexandre
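The "restricting globals" recipe the message above links to, written out as a runnable example. This is an added illustration, not code from the thread, from the pickle documentation verbatim, or from any tool discussed here; the `Evil` payload class, the `SAFE_BUILTINS` allowlist, the `SAMPLE` data and the helper names are all constructed for the example. `os.getpid` stands in for `os.system` so the block is safe to run; the mechanism a pickle uses to reach either one is the same.

```python
"""Restricting globals in pickle: the documented find_class() recipe, runnable.

Added example; not code from the thread. The Evil class, the allowlist
contents and the sample data are constructed here for illustration.
"""
import builtins
import io
import os
import pickle


class Evil:
    """Constructed malicious object: unpickling it calls a callable of the
    attacker's choosing. os.getpid is a harmless stand-in for os.system;
    the mechanism (__reduce__ -> arbitrary global callable) is identical."""

    def __reduce__(self):
        return (os.getpid, ())


# The bytes an attacker would hand to a service that calls pickle.loads().
MALICIOUS_PICKLE = pickle.dumps(Evil())

# Allowlist, not a denylist: builtins alone holds eval, exec, getattr and
# __import__, so "anything in builtins" is not a safe policy.
SAFE_BUILTINS = frozenset({"range", "complex", "set", "frozenset", "slice"})


class RestrictedUnpickler(pickle.Unpickler):
    """find_class() is the single hook through which a pickle names a global
    (the GLOBAL and STACK_GLOBAL opcodes both resolve through it), so refusing
    here refuses every reference to a module-level callable or class."""

    def find_class(self, module, name):
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def restricted_loads(data: bytes):
    """Drop-in replacement for pickle.loads() that applies the allowlist."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def unrestricted_executes_payload() -> bool:
    """Plain pickle.loads() runs the attacker's callable and returns its result."""
    return pickle.loads(MALICIOUS_PICKLE) == os.getpid()


def restricted_blocks_payload() -> bool:
    """The same bytes are rejected before the callable is even resolved."""
    try:
        restricted_loads(MALICIOUS_PICKLE)
    except pickle.UnpicklingError:
        return True
    return False


# Constructed benign data. range() is pickled as a global reference too,
# which is why it has to be on the allowlist for this to round-trip.
SAMPLE = {"ids": [1, 2, 3], "name": "report", "window": range(0, 10, 2)}


def roundtrip_plain_data():
    """Containers, scalars and allowlisted builtins still round-trip."""
    return restricted_loads(pickle.dumps(SAMPLE))


if __name__ == "__main__":
    print("unrestricted ran payload:", unrestricted_executes_payload())
    print("restricted blocked payload:", restricted_blocks_payload())
    print("round trip intact:", roundtrip_plain_data() == SAMPLE)
```

What this does and does not buy you: it removes the "name any importable callable" primitive, which is the one behind arbitrary code execution. It does not make the allowlisted callables safe to call with attacker-chosen arguments, and it does nothing about a pickle that builds enormous or deeply nested structures to exhaust memory or recursion depth, which is part of why the documentation's warning remains even with this recipe applied.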