Insecure Pickling

Paul Rubin http
Sun Jun 13 23:29:19 CEST 2004

Dieter Maurer <dieter at> writes:
> You could use encrypted pickles to make sure that nobody without
> knowledge of the encryption key can create pickles you are
> ready to unpickle.
> Of course, this raises the question how secure you can manage
> the encryption key.

I think you mean "authenticate" rather than "encrypt", but I don't
know whether either is enough, especially if your program uses
multiple pickles.  It might be safe to unpickle something in one
context but not in another.  For example, say a certain section of
your web app sets cookies X, that contains an encrypted/authenticated
pickle.  Navigating to some other section of the app clears the cookie
and sets it to some different pickle.  The attacker holds onto a copy
of X from the first section and plays it back into the second section
where unpickling has a completely different effect.  

Basically you have to be real real careful with this stuff, no matter what.

More information about the Python-list mailing list