[Python-ideas] Adding a safe alternative to pickle in the standard library

Steven D'Aprano steve at pearwood.info
Fri Feb 22 08:04:05 CET 2013


On 22/02/13 04:33, Mark Hackett wrote:

> Being serious, though, if your code requires a serious amount of security,
> you're better off writing your own parsing.

If you're serious about security, you don't want amateurs trying to build
security from scratch. And that includes yourself, if you are not a security
expert.

A programmer ought to be aware of their own limitations. I am not a security
expert, and I don't have the time or inclination to become one. I want, no,
I *need*, solutions for common problems to be safe by default, or at least for
their vulnerabilities to be documented clearly and obviously in language I
can understand, so I can write code with reasonable levels of security instead
of inventing my own insecure, unsafe solutions.

I know enough not to call eval() on data retrieved from untrusted sources. Not
everyone even knows that much. I've seen code that literally downloaded content
from a website, then eval'ed it without even a token attempt to sanitize it.
Do you expect this person to write his own secure data serialiser?

Anyone can write code with no security vulnerabilities that *they* can see.
And frequently do.



-- 
Steven
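An added example, not from this thread: the mitigation the pickle documentation describes, a restricted unpickler whose find_class refuses to resolve any global not on an allowlist, so plain data round-trips while a stream that names an arbitrary class or function is rejected before it can be executed. All names and the sample data here are constructed for the illustration.

```python
import builtins
import datetime
import io
import pickle

# Allowlist of builtins a restricted stream may reference. Scalars, lists,
# dicts and tuples need no global lookup; 'set' and 'frozenset' are named
# by older pickle protocols, so they are allowed explicitly (assumption:
# the application only needs plain data containers).
SAFE_BUILTINS = {"set", "frozenset", "range", "slice", "complex", "bytearray"}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that only resolves globals from the allowlist above."""

    def find_class(self, module, name):
        # Every GLOBAL / STACK_GLOBAL opcode goes through here, so this is
        # the single choke point for "which code may a stream reference".
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"refusing to load global {module}.{name}")


def restricted_loads(data: bytes):
    """Drop-in replacement for pickle.loads() that enforces the allowlist."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo():
    # Constructed sample: plain data survives the restricted loader unchanged.
    plain = {"user": "alice", "tags": ["a", "b"], "ids": {1, 2}}
    plain_ok = restricted_loads(pickle.dumps(plain)) == plain

    # A stream whose reconstruction names a global outside the allowlist
    # (datetime.date here, a harmless stand-in for anything a stream could
    # reference) raises instead of being executed.
    tagged = pickle.dumps(datetime.date(2013, 2, 22))
    try:
        restricted_loads(tagged)
        tagged_rejected = False
    except pickle.UnpicklingError:
        tagged_rejected = True
    return plain_ok, tagged_rejected


if __name__ == "__main__":
    print(demo())  # (True, True)
```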


