[Python-checkins] r82367 - python/trunk/Doc/library/logging.rst
vinay.sajip
python-checkins at python.org
Tue Jun 29 17:13:15 CEST 2010
Author: vinay.sajip
Date: Tue Jun 29 17:13:14 2010
New Revision: 82367
Log:
Added information about pickle security and SocketHandler.
Modified:
python/trunk/Doc/library/logging.rst
Modified: python/trunk/Doc/library/logging.rst
==============================================================================
--- python/trunk/Doc/library/logging.rst (original)
+++ python/trunk/Doc/library/logging.rst Tue Jun 29 17:13:14 2010
@@ -2039,6 +2039,11 @@
Pickles the record's attribute dictionary in binary format with a length
prefix, and returns it ready for transmission across the socket.
+ Note that pickles aren't completely secure. If you are concerned about
+ security, you may want to override this method to implement a more secure
+ mechanism. For example, you can sign pickles using HMAC and then verify
+ them on the receiving end, or alternatively you can disable unpickling of
+ global objects on the receiving end.
.. method:: send(packet)
More information about the Python-checkins
mailing list