[Python-ideas] Fwd: Re: Secure unpickle
mistersheik at gmail.com
Thu Jul 23 15:54:58 CEST 2015
On Wed, Jul 22, 2015 at 9:46 PM, Nathaniel Smith <njs at pobox.com> wrote:
> On Wed, Jul 22, 2015 at 5:27 PM, Neil Girdhar <mistersheik at gmail.com>
> > That is so unfortunate. Pickle is such a good solution except for the
> > security. Why can't we have security too? It doesn't seem to me to be
> > right for a project like matplotlib to be writing their own serialization
> > library. It would be awesome if Python had secure serialization
> The reason you can pickle/unpickle arbitrary Python objects is that
> the pickle format is basically a structured, optimized way of
> generating and then evaluating arbitrary Python code. Which is great
> because it's totally general -- that's why we love pickle, you can
> pickle anything -- but that exact feature is what makes it insecure.
> If you want to make something secure, that means making some explicit
> decisions about what kinds of things can be put into your data format
> and which cannot, and writing some explicit code to handle each of these
> things instead of just handing the file format direct access to your
> interpreter. But by the time you've done that you've done the hard
> part of implementing a new format anyway...
Wouldn't it be easier to just tell unpickle which code it's allowed to run
(by passing a list of modules and classes)? Then your serializer can be
reused by deepcopy and other Python routines that might tie into "reduce"?
I think that's easier than "implementing (yet another) new format".
> Nathaniel J. Smith -- http://vorpus.org
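The idea in the reply above (hand the unpickler a list of modules and classes it may resolve, instead of designing a new format) is what Python's own pickle docs describe under "Restricting Globals": subclass pickle.Unpickler and override find_class, the hook every GLOBAL/STACK_GLOBAL reference in a stream passes through. The following is an added example, not code from either poster; the Point and Evil classes, the sample streams and the RestrictedUnpickler name are all constructed here. It first shows why plain pickle.loads is code execution (Evil's __reduce__ names builtins.eval), then loads the same bytes through an allowlist that only knows Point.

```python
import copy
import io
import pickle


class Point:
    """Ordinary data class we DO want to round-trip through pickle."""

    def __init__(self, x, y):
        self.x = x
        self.y = y

    def __eq__(self, other):
        return isinstance(other, Point) and (self.x, self.y) == (other.x, other.y)


class Evil:
    """Constructed malicious payload. The reduce protocol lets an object
    declare "rebuild me by calling this callable with these args"; naming
    builtins.eval turns the pickle stream into arbitrary code execution.
    The expression is deliberately harmless (it only reads the cwd)."""

    def __reduce__(self):
        return (eval, ("__import__('os').getcwd()",))


# Constructed sample streams. dumps() only records the callable's module
# and name; nothing runs until something loads the bytes.
BENIGN_PICKLE = pickle.dumps(Point(3, 4))
MALICIOUS_PICKLE = pickle.dumps(Evil())


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves GLOBAL / STACK_GLOBAL references only from
    an explicit allowlist. Every class or function a stream names passes
    through find_class, which makes it the single choke point."""

    def __init__(self, file, allowed):
        super().__init__(file)
        # Key the allowlist by the names pickle will actually emit, derived
        # from the real objects so the list cannot drift from the code.
        self._allowed = {(obj.__module__, obj.__qualname__): obj for obj in allowed}

    def find_class(self, module, name):
        try:
            return self._allowed[(module, name)]
        except KeyError:
            raise pickle.UnpicklingError(
                f"global {module}.{name} is not on the unpickle allowlist"
            ) from None


def unsafe_load(data):
    """Plain pickle.loads: whatever global the stream names gets called."""
    return pickle.loads(data)


def safe_load(data, allowed=(Point,)):
    """Load with only the given classes/functions resolvable."""
    return RestrictedUnpickler(io.BytesIO(data), allowed).load()


def is_rejected(data, allowed=(Point,)):
    """True if the restricted loader refuses the stream."""
    try:
        safe_load(data, allowed)
    except pickle.UnpicklingError:
        return True
    return False


def deepcopy_runs_reduce():
    """copy.deepcopy uses the same __reduce__ hook, so the payload fires
    there too: the restriction belongs in the loader, not in the format."""
    return copy.deepcopy(Evil())


if __name__ == "__main__":
    print("unrestricted load ran eval ->", unsafe_load(MALICIOUS_PICKLE))
    print("deepcopy ran eval          ->", deepcopy_runs_reduce())
    print("restricted benign load     ->", vars(safe_load(BENIGN_PICKLE)))
    print("restricted malicious load rejected:", is_rejected(MALICIOUS_PICKLE))
```

Two caveats a practitioner should keep in mind. First, find_class only gates name resolution: anything on the allowlist is still constructed with attacker-chosen arguments and attacker-chosen state (the BUILD opcode will happily populate Point.__dict__ with whatever the stream says), so every allowed entry must be safe to call and to populate with arbitrary data. Second, the allowlist has to be a closed set of plain data types; allowing a module wholesale, or any class whose constructor or __setstate__ has side effects, reopens the hole.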