[Python-ideas] An official complaint regarding the marshal and pickle documentation

Aaron Watters aaron.watters at gmail.com
Wed Mar 5 20:03:23 CET 2008

What follows is a brief summary of offline discussions with Guido and
Leonardo (I hope represented correctly, please complain if not):

Guido pointed out that previous versions of marshal could crash python.

I replied that that is a bug and all known instances have been fixed.
Pickle executes arbitrary code by design -- which is much worse than just
crashing a program.

Leonardo mentioned that pickle security concerns could be addressed using
crypto tricks.

I replied that I would be comfortable unmarshalling a file from a known
hostile party -- no crypto verification required, because the worst that
could happen is that it would crash the interpreter.  With pickle I'd be
handing my keyboard to a villian.

In summary: I think marshal.loads(s) is just as safe as unicode(s) or
file.read().  pickle.loads(s) is morally equivalant to __import__(s) or
I think the security warning for marshal and the implied recommendation that
pickle is okay for RPC should be removed.

  alright already, 'nuff said. whatever.  -- Aaron Watters
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ideas/attachments/20080305/bc3aa705/attachment.html>

More information about the Python-ideas mailing list