Developing a network protocol with Python
Laszlo Zsolt Nagy
gandalf at designaproduct.biz
Wed Dec 14 13:20:13 EST 2005
Paul Rubin wrote:
>Laszlo Zsolt Nagy <gandalf at designaproduct.biz> writes:
>
>
>>But how can I transfer pure python objects otherwise? Pyro also uses
>>Pickle and it also transfers bytecode.
>>
>>
>Pyro in the past used pickle in an insecure way. I'd heard it had
>been fixed and I didn't realize it still uses pickle.
>
>
On the features page, you can read this:
"Mobile objects. Clients and servers can pass objects around - even when
the server has never known them before. Pyro will then automatically
transfer the needed Python bytecode."
I believe that using cPickle and transferring data (but not the code) is
still more secure than transferring bytecode. :-)
Les
More information about the Python-list
mailing list