[Python-ideas] Adding a safe alternative to pickle in the standard library

Mark Hackett mark.hackett at metoffice.gov.uk
Thu Feb 21 14:39:02 CET 2013


On Thursday 21 Feb 2013, Eric V. Smith wrote:
> On 2/21/2013 6:11 AM, Antoine Pitrou wrote:
> > Le Thu, 21 Feb 2013 06:01:19 -0500,
> > Devin Jeanpierre <jeanpierreda at gmail.com>
> >
> > a écrit :
> >> I've been noticing a lot of security-related issues being discussed in
> >> the Python world since the Ruby YAML problem came out. Is it time to
> >> consider adding an alternative to pickle that is safe(r) by default?
> >
> > There's already json. Is something else needed?
> 
> As stated elsewhere, it's cycles and especially arbitrary python objects
> that are the big draw for pickle.
> 
> I've always wanted a version of pickle.loads() that takes a list of
> classes that are allowed to be instantiated. Often, when using pickle to
> serialize over say AMQP or some other transport, I know what classes I
> want to allow. Anything else is either a (not infrequent) logic error or
> an attack of some sort.
> 
> I realize this isn't perfect, but it would certainly reduce the attack
> surface for many of my use cases. I'm already authenticating the sender,
> and when I'm really paranoid I also sign the pickles.
> 
> Just a thought.
> 

Is this not better solved by other methods? I.e. wasteful, but effective would 
be to send it all by XML.
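The "pickle.loads() with a list of allowed classes" that Eric describes above is achievable today by overriding find_class on a pickle.Unpickler subclass (the "restricting globals" pattern from the pickle module documentation). The block below is an added example, not code from anyone in this thread: it wraps the allowlisted unpickler with the HMAC signing step Eric also mentions, and shows that cycles still round-trip while an unlisted class is refused. The allowlist contents, the demo key and the sample streams are constructed for illustration.

```python
import hmac
import io
import pickle
from collections import OrderedDict, deque

# Constructed allowlist for this example: (module, name) pairs the unpickler
# may resolve.  A real deployment lists exactly the message classes it
# expects, and never anything whose call runs code (no os.system, no eval).
ALLOWED_GLOBALS = frozenset({
    ("collections", "OrderedDict"),
})


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves globals only from an explicit allowlist.

    Every class or function reference in the stream (GLOBAL / STACK_GLOBAL
    opcodes) is resolved through find_class, so overriding it is the single
    choke point for "which classes may be instantiated".
    """

    def __init__(self, file, allowed):
        super().__init__(file)
        self._allowed = frozenset(allowed)

    def find_class(self, module, name):
        if (module, name) in self._allowed:
            return super().find_class(module, name)
        # Refuse rather than fall back: an unexpected global is either a
        # logic error or hostile input, and both should fail loudly.
        raise pickle.UnpicklingError(
            f"global '{module}.{name}' is not on the allowlist")


def restricted_loads(data, allowed=ALLOWED_GLOBALS):
    """Like pickle.loads, but only allowlisted globals can be resolved."""
    return RestrictedUnpickler(io.BytesIO(data), allowed).load()


def is_loadable(data, allowed=ALLOWED_GLOBALS):
    """True if the stream unpickles under the allowlist, False if rejected."""
    try:
        restricted_loads(data, allowed)
        return True
    except pickle.UnpicklingError:
        return False


TAG_LEN = 32  # HMAC-SHA256 tag prepended to the pickle bytes


def sign(data, key):
    """Prepend an HMAC-SHA256 tag so a modified pickle is rejected before a
    single opcode is interpreted."""
    return hmac.new(key, data, "sha256").digest() + data


def is_authentic(blob, key):
    """Constant-time check of the prepended tag."""
    tag, data = blob[:TAG_LEN], blob[TAG_LEN:]
    return hmac.compare_digest(tag, hmac.new(key, data, "sha256").digest())


def verify_and_load(blob, key, allowed=ALLOWED_GLOBALS):
    """Verify the tag first, then unpickle under the allowlist."""
    if not is_authentic(blob, key):
        raise ValueError("pickle signature mismatch")
    return restricted_loads(blob[TAG_LEN:], allowed)


# Constructed sample streams used by the demo below.
SAMPLE_OK = pickle.dumps(OrderedDict(status="ready", retries=2))

_cycle = []            # a self-referential list: cycles are handled by the
_cycle.append(_cycle)  # memo and need no global lookups at all
SAMPLE_CYCLE = pickle.dumps(_cycle)

# A perfectly harmless class that simply is not on the allowlist.
SAMPLE_REJECTED = pickle.dumps(deque([1, 2, 3]))

if __name__ == "__main__":
    key = b"constructed-demo-key"
    print(restricted_loads(SAMPLE_OK))
    c = restricted_loads(SAMPLE_CYCLE)
    print("cycle preserved:", c[0] is c)
    print("deque accepted:", is_loadable(SAMPLE_REJECTED))
    print(verify_and_load(sign(SAMPLE_OK, key), key))
    tampered = sign(SAMPLE_OK, key)[:-1] + b"\x00"
    print("tampered accepted:", is_authentic(tampered, key))
```

Two caveats apply to this pattern. Anything placed on the allowlist becomes callable from the stream through REDUCE, so the list must hold only classes whose construction is inert; and the signature only tells you who produced the pickle, not that its contents are safe, so the allowlist still matters for streams from an authenticated but compromised peer.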
