Insecure Pickling

Heiko Wundram heikowu at
Fri Jun 11 21:27:36 CEST 2004

Am Freitag, 11. Juni 2004 21:14 schrieb Jeff:
> Has anyone seen a secure pickle alternative?

<shameless plug>

Check out Flatten (available under Files on It basically offers the same 
functionality as Pickle, but user classes are only picklable after they have 
been registered with the module, and must implement explicit __store__ and 
__load__ functionality.

Automatic type checking of class variables is only one of the additional 
gimmicks it offers. I'm currently working on a new release of Flatten which 
includes signing/encrypting parts of a pickle by the pickle creator/for a 
specific recipient, but this implementation isn't finished yet.

There is one incompatability with Pickle, which is explicitly noted in the 
documentation, and which refers to storing tuples which contain references to 
themselves (in some form, such as using themselves as a dict key in a dict 
which is contained in themselves, etc.); under several circumstances this 
doesn't get unserialized properly. But this is the only real problem there is 
with Flatten (AFAIK).

</shameless plug>

There are other packages out there, but I'll leave it to the others to point 
you at them (twisted implements a storage protocol which is secure (which can 
be made secure), for example, and IIRC it's called twisted.banana).



More information about the Python-list mailing list