[Python-ideas] Fwd: Re: Secure unpickle

Neil Girdhar mistersheik at gmail.com
Thu Jul 23 16:28:38 CEST 2015


Right, I forgot that that was mentioned in this thread.  Then, I don't see
the problem with unpickle.  Is it still not secure enough for matplotlib
e.g.?

On Thu, Jul 23, 2015 at 10:26 AM, Eric V. Smith <eric at trueblade.com> wrote:

> On 07/23/2015 09:54 AM, Neil Girdhar wrote:
> >
> >
> > On Wed, Jul 22, 2015 at 9:46 PM, Nathaniel Smith <njs at pobox.com> wrote:
> >
> >     On Wed, Jul 22, 2015 at 5:27 PM, Neil Girdhar <mistersheik at gmail.com> wrote:
> >     >
> >     > That is so unfortunate.  Pickle is such a good solution except for the
> >     > security.  Why can't we have security too?  It doesn't seem to me to be
> >     > right for a project like matplotlib to be writing their own serialization
> >     > library.  It would be awesome if Python had secure serialization built-in.
> >
> >     The reason you can pickle/unpickle arbitrary Python objects is that
> >     the pickle format is basically a structured, optimized way of
> >     generating and then evaluating arbitrary Python code. Which is great
> >     because it's totally general -- that's why we love pickle, you can
> >     pickle anything -- but that exact feature is what makes it insecure.
> >     If you want to make something secure, that means making some explicit
> >     decisions about what kinds of things can be put into your data format
> >     and which cannot, and write some explicit code to handle each of these
> >     things instead of just handing the file format direct access to your
> >     interpreter. But by the time you've done that you've done the hard
> >     part of implementing a new format anyway...
> >
> >
> > Wouldn't it be easier to just tell unpickle which code it's allowed to
> > run (by passing a list of modules and classes)?
>
> unpickle can already do that, via Unpickler.find_class. There's an
> example in the docs.
>
> Eric.
>
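The `Unpickler.find_class` approach Eric refers to, written out as an added example (this is not code from the thread or from the pickle documentation, though it follows the same pattern as the docs' "Restricting Globals" recipe). The allow-list contents, the class and function names, and the constructed `_CallsGetpid` stand-in are this example's own choices; `os.getpid` is used as the forbidden callable purely so the demonstration stays harmless.

```python
import builtins
import io
import os
import pickle

# Allow-list of builtins a pickle may reference by name. Everything not on
# this list (any other module, any other builtin) is refused. The set here is
# this example's own choice; tailor it to the types your format really needs.
SAFE_BUILTINS = frozenset({"range", "complex", "set", "frozenset", "slice"})


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves global names only from an explicit allow-list."""

    def find_class(self, module, name):
        # find_class is consulted for every GLOBAL/STACK_GLOBAL opcode, i.e.
        # every callable or class the pickle wants to import and call.
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def restricted_loads(data: bytes):
    """Drop-in replacement for pickle.loads that uses the restricted unpickler."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


class _CallsGetpid:
    """Constructed stand-in for a hostile object: when unpickled it asks the
    unpickler to look up and call os.getpid(). Real payloads name something
    far worse; getpid is chosen so this demo has no side effects."""

    def __reduce__(self):
        return (os.getpid, ())


def demo():
    """Return (benign_result, rejection_message) to show both behaviours."""
    # Plain containers round-trip: dict/list/set use opcodes, range goes
    # through find_class('builtins', 'range'), which is on the allow-list.
    benign = pickle.dumps({"x": [1, 2, 3], "s": {4, 5}, "r": range(3)})
    benign_result = restricted_loads(benign)

    hostile = pickle.dumps(_CallsGetpid())
    # Stock pickle.loads resolves the global and calls it during load.
    assert pickle.loads(hostile) == os.getpid()
    # The restricted unpickler refuses at name resolution, before any call.
    try:
        restricted_loads(hostile)
    except pickle.UnpicklingError as exc:
        return benign_result, str(exc)
    raise AssertionError("forbidden global was not rejected")


if __name__ == "__main__":
    result, message = demo()
    print("benign payload loaded:", result)
    print("hostile payload rejected:", message)
```

The important property is that `find_class` runs before anything is called, so the hostile pickle never reaches the point of invoking `os.getpid` (or whatever it names). This only restricts which globals can be resolved; it does not bound the size or nesting of the data, so pair it with normal input-size limits when reading untrusted files.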