I've heard it said that pickle is a security hole, and so it's better to write your own serialization routine. That's unfortunate because pickle has so many advantages such as automatically tying into copy/deepcopy. Would it be possible to make unpickle secure, e.g., by having the caller create a context in which all calls to unpickle are limited to unpickling a specific set of types? (When these types unpickle their sub-objects, they could potentially limit the set of types further.)
On 7/22/2015 1:03 AM, Neil Girdhar wrote:
> I've heard it said that pickle is a security hole,
Yes -- from the security section of the pickle docs: However, for unpickling, it is never a good idea to unpickle an untrusted string whose origins are dubious
> and so it's better to write your own serialization routine.
Or unpickle only trusted strings.
> That's unfortunate because pickle has so many advantages such as automatically tying into copy/deepcopy. Would it be possible to make unpickle secure, e.g., by having the caller create a context in which all calls to unpickle are limited to unpickling a specific set of types? (When these types unpickle their sub-objects, they could potentially limit the set of types further.)
Do-you-know-where-your-pickles-been-lately-ly yr's, Emile
Have you looked at https://docs.python.org/3/library/pickle.html#pickle-restrict ?
-- Eric.
Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
That's amazing. I did not know about that.
On Wed, Jul 22, 2015 at 6:30 PM, Eric V. Smith <eric@trueblade.com> wrote:
> Have you looked at https://docs.python.org/3/library/pickle.html#pickle-restrict ?
> -- Eric.
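The documentation section linked in the thread restricts unpickling by overriding `Unpickler.find_class`. The sketch below is an added example, not code from any message in this thread; it applies that hook to the caller-supplied set of types asked about in the first message. `AllowListUnpickler`, `restricted_loads` and `try_load` are hypothetical names, and the sample pickles are constructed locally.

```python
import io
import pickle
from datetime import date
from fractions import Fraction


class AllowListUnpickler(pickle.Unpickler):
    """Unpickler that resolves only globals named in an explicit allow-list."""

    def __init__(self, file, allowed):
        super().__init__(file)
        # Set of (module, qualified name) pairs, e.g. ("datetime", "date").
        self._allowed = frozenset(allowed)

    def find_class(self, module, name):
        # Called for every global the pickle stream asks for, including
        # those inside nested objects; plain ints, strs, lists and dicts
        # are built by opcodes and never reach this method.
        if (module, name) not in self._allowed:
            raise pickle.UnpicklingError(f"global '{module}.{name}' is not allowed")
        return super().find_class(module, name)


def restricted_loads(data, allowed_types):
    """Hypothetical helper: unpickle `data`, permitting only `allowed_types`."""
    allowed = {(t.__module__, t.__qualname__) for t in allowed_types}
    return AllowListUnpickler(io.BytesIO(data), allowed).load()


def try_load(data, allowed_types):
    """Return ("ok", obj) or ("rejected", reason) instead of raising."""
    try:
        return "ok", restricted_loads(data, allowed_types)
    except pickle.UnpicklingError as exc:
        return "rejected", str(exc)


if __name__ == "__main__":
    # Constructed sample inputs, pickled locally for the demonstration.
    good = pickle.dumps({"due": date(2015, 7, 22), "tags": ["a", "b"]})
    nested = pickle.dumps([date(2015, 7, 22), Fraction(1, 3)])
    print(try_load(good, [date]))    # date is on the allow-list
    print(try_load(nested, [date]))  # Fraction inside the list is refused
```

An allow-list narrows what a pickle can import, but each listed type's own constructor and `__setstate__` still run on arguments taken from the stream, so keep the list short and limited to types whose reconstruction is harmless.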
participants (3)
- Emile van Sebille
- Eric V. Smith
- Neil Girdhar