[Python-Dev] Pickle alternative in stdlib (Was: On breaking modules into packages)
exarkun at twistedmatrix.com
Fri Nov 5 05:09:35 CET 2010
On 12:21 am, marc at gsites.de wrote:
>On 04.11.2010 17:15, anatoly techtonik wrote:
> > pickle is insecure, marshal too.
>
>If the transport or storage layer is not safe, you should
>cryptographically sign the data anyway::
>
>    def pickle_encode(data, key):
>        msg = base64.b64encode(pickle.dumps(data, -1))
>        sig = base64.b64encode(hmac.new(key, msg).digest())
>        return sig + ':' + msg
>
>    def pickle_decode(data, key):
>        if data and ':' in data:
>            sig, msg = data.split(':', 1)
>            if sig == base64.b64encode(hmac.new(key, msg).digest()):
>                return pickle.loads(base64.b64decode(msg))
>        raise pickle.UnpicklingError("Wrong or missing signature.")
>
>Bottle (a web framework) uses a similar approach to store non-string
>data in client-side cookies. I don't see a (security) problem here.

Your pickle_decode leaks information about the key. An attacker will
eventually (a few seconds to a few minutes, depending on how they have
access to this system) be able to determine your key and send you
arbitrary pickles (ie, execute arbitrary code on your system).

Oops.

This stuff is hard. If you're going to mess around with it, make sure
you're *serious* (better approach: don't mess around with it).

Jean-Paul
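
Added example, not part of either message in the thread: the `sig == ...` test in the quoted `pickle_decode` can stop at the first differing byte, so the work it does depends on how much of the submitted signature is correct. The Python 3 sketch below models that early exit and shows the same encode/decode pair using `hmac.compare_digest`. Assumptions: bytes in and out, SHA-256 as the digest, and the helper names `naive_equal_steps` and `_tag`, which are made up for this example.

```python
import base64
import hashlib
import hmac
import pickle


def naive_equal_steps(a: bytes, b: bytes) -> int:
    """Model of an early-exit comparison: number of bytes examined before it
    can answer. The count, and so the time, grows with the matching prefix."""
    if len(a) != len(b):
        return 0
    steps = 0
    for x, y in zip(a, b):
        steps += 1
        if x != y:
            break
    return steps


def _tag(key: bytes, msg: bytes) -> bytes:
    # Explicit digest choice (assumption: SHA-256); Python 3.8+ requires digestmod.
    return base64.b64encode(hmac.new(key, msg, hashlib.sha256).digest())


def pickle_encode(data, key: bytes) -> bytes:
    msg = base64.b64encode(pickle.dumps(data, -1))
    return _tag(key, msg) + b":" + msg


def pickle_decode(blob: bytes, key: bytes):
    sig, sep, msg = blob.partition(b":")
    # compare_digest avoids content-based short-circuiting, so a rejection
    # does not reveal how many leading bytes of sig were correct.
    if sep and hmac.compare_digest(sig, _tag(key, msg)):
        return pickle.loads(base64.b64decode(msg))
    raise pickle.UnpicklingError("Wrong or missing signature.")


if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample value
    blob = pickle_encode({"user": "alice", "visits": 3}, key)
    print(pickle_decode(blob, key))
    print(naive_equal_steps(b"abcd", b"xbcd"), naive_equal_steps(b"abcd", b"abcx"))
    try:
        pickle_decode(blob[:-1] + b"!", key)
    except pickle.UnpicklingError as exc:
        print("rejected:", exc)
```

The signature check only decides who may supply a pickle; anyone holding the key can still make `pickle.loads` run code, so the key has to be protected like any other credential.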