marshal vs pickle

Raymond Hettinger python at
Thu Nov 1 19:15:01 CET 2007

On Nov 1, 4:45 am, Aaron Watters <aaron.watt... at> wrote:
> Marshal is more secure than pickle

"More" or "less" make little sense in a security context which
typically is an all or nothing affair.  Neither module is designed for
security.  From the docs for marshal:

Warning: The marshal module is not intended to be secure against
erroneous or maliciously constructed data. Never unmarshal data
received from an untrusted or unauthenticated source.

If security is a focus, then use xmlrpc or some other tool that
doesn't construct arbitrary code objects.

I don't think you are doing the OP any favors by giving advice in
contravention of the docs and against the intended purpose of the two
modules.  Bjoern's post covered the topic succinctly and accurately.


More information about the Python-list mailing list