[Python-ideas] Fwd: Re: Secure unpickle
Neil Girdhar
mistersheik at gmail.com
Thu Jul 23 16:28:38 CEST 2015
Right, I forgot that that was mentioned in this thread. Then, I don't see
the problem with unpickle. Is it still not secure enough for matplotlib
e.g.?
On Thu, Jul 23, 2015 at 10:26 AM, Eric V. Smith <eric at trueblade.com> wrote:
> On 07/23/2015 09:54 AM, Neil Girdhar wrote:
> >
> >
> > On Wed, Jul 22, 2015 at 9:46 PM, Nathaniel Smith <njs at pobox.com> wrote:
> >
> > On Wed, Jul 22, 2015 at 5:27 PM, Neil Girdhar <mistersheik at gmail.com> wrote:
> > >
> > > That is so unfortunate. Pickle is such a good solution except for the
> > > security. Why can't we have security too? It doesn't seem to me to be
> > > right for a project like matplotlib to be writing their own serialization
> > > library. It would be awesome if Python had secure serialization built-in.
> >
> > The reason you can pickle/unpickle arbitrary Python objects is that
> > the pickle format is basically a structured, optimized way of
> > generating and then evaluating arbitrary Python code. Which is great
> > because it's totally general -- that's why we love pickle, you can
> > pickle anything -- but that exact feature is what makes it insecure.
> > If you want to make something secure, that means making some explicit
> > decisions about what kinds of things can be put into your data format
> > and which cannot, and write some explicit code to handle each of these
> > things instead of just handing the file format direct access to your
> > interpreter. But by the time you've done that you've done the hard
> > part of implementing a new format anyway...
> >
> >
> > Wouldn't it be easier to just tell unpickle which code it's allowed to
> > run (by passing a list of modules and classes)?
>
> unpickle can already do that, via Unpickler.find_class. There's an
> example in the docs.
>
> Eric.
>
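Eric's pointer to `Unpickler.find_class`, worked through as an added example (this is not code from the thread, from the Python docs or from matplotlib). It subclasses `pickle.Unpickler` and resolves only an allowlist of `(module, name)` pairs; `datetime.date` and `fractions.Fraction` stand in for whatever plain data types a plotting library would actually need to restore, and `os.getcwd` is used only as a harmless, always-importable global that is not on the list.

```python
import io
import os
import pickle
from datetime import date
from fractions import Fraction

# Allowlist keyed on exactly what find_class receives: (module, qualname).
# Built from the objects themselves so no module path is hand-typed.
# The two stdlib types are stand-ins for an application's own data classes.
ALLOWED_GLOBALS = {
    (cls.__module__, cls.__qualname__): cls
    for cls in (date, Fraction)
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves only allowlisted globals.

    Every GLOBAL / STACK_GLOBAL opcode in a stream is resolved through
    find_class, so overriding it is the single choke point deciding which
    callables the stream may reference (and therefore invoke via REDUCE,
    NEWOBJ or BUILD).
    """

    def find_class(self, module, name):
        try:
            return ALLOWED_GLOBALS[(module, name)]
        except KeyError:
            raise pickle.UnpicklingError(
                f"global {module}.{name} is not allowlisted") from None


def restricted_loads(data: bytes):
    """Deserialize `data`, refusing any global outside ALLOWED_GLOBALS."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def roundtrip_allowed():
    """Containers of allowlisted types survive the restricted round trip.

    dict, str, int and tuple are encoded as opcodes, not globals, so only
    date and Fraction go through find_class here.
    """
    original = {"when": date(2015, 7, 23), "ratio": Fraction(3, 4)}
    return restricted_loads(pickle.dumps(original)) == original


def unlisted_global_is_rejected():
    """A stream that merely names a non-allowlisted callable is refused.

    pickle serialises a function as a (module, name) reference; the default
    loader happily resolves it, the restricted loader must not.
    """
    data = pickle.dumps(os.getcwd)
    assert pickle.loads(data) is os.getcwd  # default Unpickler resolves it
    try:
        restricted_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    print("allowlisted round trip ok:", roundtrip_allowed())
    print("unlisted global rejected:", unlisted_global_is_rejected())
```

Two things to keep in mind when using this pattern: `pickle.loads` never consults an override, so every load path has to go through the subclass; and the allowlist only helps if every entry is a plain data type whose constructor, `__setstate__` and `__reduce__` do nothing beyond storing values, since allowlisting anything like `getattr`, `eval` or a class with a permissive `__setstate__` hands back the generality Nathaniel describes above.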