[Python-ideas] Adding a safe alternative to pickle in the standard library
Eric V. Smith
eric at trueblade.com
Thu Feb 21 14:32:47 CET 2013
On 2/21/2013 6:11 AM, Antoine Pitrou wrote:
> On Thu, 21 Feb 2013 06:01:19 -0500,
> Devin Jeanpierre <jeanpierreda at gmail.com>
> wrote:
>> I've been noticing a lot of security-related issues being discussed in
>> the Python world since the Ruby YAML problem came out. Is it time to
>> consider adding an alternative to pickle that is safe(r) by default?
>
> There's already json. Is something else needed?
As stated elsewhere, it's cycles and especially arbitrary python objects
that are the big draw for pickle.
I've always wanted a version of pickle.loads() that takes a list of
classes that are allowed to be instantiated. Often, when using pickle to
serialize over say AMQP or some other transport, I know what classes I
want to allow. Anything else is either a (not infrequent) logic error or
an attack of some sort.
I realize this isn't perfect, but it would certainly reduce the attack
surface for many of my use cases. I'm already authenticating the sender,
and when I'm really paranoid I also sign the pickles.
Just a thought.
--
Eric.
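The two controls Eric describes above (an unpickler that only instantiates a fixed list of classes, plus an HMAC over the pickle so the receiver can tell who produced it) can be built on top of the stdlib pickle module today by overriding Unpickler.find_class. The following is an added example, not code from the thread or from CPython; the Message class, the EvilPayload class, the shared key and the blob layout (32-byte HMAC-SHA256 tag followed by the pickle bytes) are all constructed for the illustration.

```python
import hashlib
import hmac
import io
import os
import pickle


class Message:
    """Constructed sample class: the only type the receiver expects."""

    def __init__(self, sender, body):
        self.sender = sender
        self.body = body

    def __eq__(self, other):
        return isinstance(other, Message) and vars(self) == vars(other)


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that only resolves globals named in an explicit allowlist.

    pickle calls find_class() for every GLOBAL / STACK_GLOBAL opcode, so
    refusing unknown (module, name) pairs blocks os.system, builtins.eval
    and every other callable an attacker might reference in the stream.
    """

    def __init__(self, file, allowed):
        super().__init__(file)
        # (module, qualname) -> class, derived from the classes we trust
        self._allowed = {(c.__module__, c.__qualname__): c for c in allowed}

    def find_class(self, module, name):
        try:
            return self._allowed[(module, name)]
        except KeyError:
            raise pickle.UnpicklingError(
                f"global {module}.{name} is not in the allowlist") from None


def restricted_loads(data, allowed):
    """pickle.loads() that may only instantiate the classes in `allowed`."""
    return RestrictedUnpickler(io.BytesIO(data), allowed).load()


TAG_LEN = hashlib.sha256().digest_size  # 32 bytes of HMAC-SHA256


def dumps_signed(obj, key):
    """Pickle obj and prepend an HMAC-SHA256 tag computed with `key`."""
    data = pickle.dumps(obj, protocol=pickle.HIGHEST_PROTOCOL)
    return hmac.new(key, data, hashlib.sha256).digest() + data


def loads_signed(blob, key, allowed):
    """Verify the tag first, then unpickle under the allowlist.

    Verification happens before any pickle opcode is executed; a forged or
    tampered blob never reaches the unpickler at all.
    """
    tag, data = blob[:TAG_LEN], blob[TAG_LEN:]
    expected = hmac.new(key, data, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time compare
        raise ValueError("bad HMAC; refusing to unpickle")
    return restricted_loads(data, allowed)


class EvilPayload:
    """Constructed attacker object: plain pickle.loads() would run os.system."""

    def __reduce__(self):
        return (os.system, ("echo pwned",))


def run_demo():
    """Returns (legit_roundtrip_ok, evil_blocked, tamper_detected)."""
    key = b"constructed-shared-key"  # assumption: pre-shared out of band
    allowed = [Message]
    msg = Message("alice", "hello")

    # 1. a legitimate message round-trips
    roundtrip_ok = loads_signed(dumps_signed(msg, key), key, allowed) == msg

    # 2. a correctly signed malicious pickle (sender compromised or key
    #    stolen) is still rejected, because os.system is not allowlisted
    try:
        loads_signed(dumps_signed(EvilPayload(), key), key, allowed)
        evil_blocked = False
    except pickle.UnpicklingError:
        evil_blocked = True

    # 3. a single flipped byte in a signed blob fails the HMAC check
    tampered = bytearray(dumps_signed(msg, key))
    tampered[-1] ^= 0x01
    try:
        loads_signed(bytes(tampered), key, allowed)
        tamper_detected = False
    except ValueError:
        tamper_detected = True

    return roundtrip_ok, evil_blocked, tamper_detected
```

The allowlist only governs which globals the stream may reference; anything it permits will be constructed with attacker-chosen state, so an allowed class whose `__setstate__` or `__new__` does something interesting with its arguments weakens the scheme. The HMAC, in turn, only proves the blob was produced by someone holding the key, which is why the two controls are layered rather than substituted for one another.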