[Python-ideas] Secure unpickle
Emile van Sebille
emile at fenx.com
Wed Jul 22 23:51:53 CEST 2015
On 7/22/2015 1:03 AM, Neil Girdhar wrote:
> I've heard it said that pickle is a security hole,
Yes -- from the security section of the pickle docs:
However, for unpickling, it is never a good idea to unpickle an
untrusted string whose origins are dubious
> and so it's better to
> write your own serialization routine.
Or unpickle only trusted strings.
> That's unfortunate because pickle
> has so many advantages such as automatically tying into copy/deepcopy.
> Would it be possible to make unpickle secure, e.g., by having the
> caller create a context in which all calls to unpickle are limited to
> unpickling a specific set of types? (When these types unpickle their
> sub-objects, they could potentially limit the set of types further.)
More information about the Python-ideas